Visa – how to cut fraud, reduce friction and grow conversions in the digital economy

With the world’s economy going digital, merchants and banks are looking to maximise the benefits of existing e-commerce security systems to cut fraud and grow conversions.

As Visa publish a new white paper on the topic, Payments Cards & Mobile (PCM) spoke to Guido Mangiagalli (GM), Head of Risk and Authentication at Visa Europe, about what e-commerce businesses and banks need to do next.

     Reduce online risk and fraud through RBA

PCM: What’s happening in the digital economy that makes improving online transaction security so important?

GM: At the same time as e-commerce becomes a more important part of the global economy, more and more transactions are moving to mobile devices. The mobile channel offers a simpler, more intuitive customer experience for everyone.

This makes securing transactions over the mobile channel a must for those Merchants and Issuers looking to remain relevant.

In the mobile channel as elsewhere, customers don’t want lots of instructions: they expect to perform transactions with as few clicks as possible – in other words, speed and convenience are essential.

To deliver this frictionless, fast customer experience, we need solutions with a high level of security seamlessly integrated into the user experience.

PCM: Hasn’t the EU’s second payments services directive already improved e-commerce transaction security?

GM: PSD2 is a regulatory framework that provides a good balance between security on the one hand (via the Strong Customer Authentication (SCA) mandate), and convenience on the other thanks to numerous SCA exemptions.

To be compliant with PSD2, Issuers must deploy technologies that enable them to perform SCA during an e-commerce transaction. The EMV®[1] 3DS security protocol is one such technology.

However, by employing advanced Risk-Based Authentication (RBA) solutions alongside EMV® 3DS, Issuers can maximise the number of SCA exemptions they use.

PCM: How does Visa’s RBA solution work in the context of security protocols like 3DS?

GM: As we explain in our new white paper EMV® 3DS has been effective in reducing fraud because it enables Merchants and Issuers to exchange more than 100 different data points related to any payment transaction, from Device ID through to the IP address used.

By themselves, these points help to identify potentially fraudulent transactions and avoid stepped up authentications.

Working alongside EMV® 3DS, Visa RBA provides Issuers with a modern tool to maximise the use of PSD2 exemption and frictionless authentication.

It works by using AI and Machine Learning technologies to analyse transaction data provided by 3DS in real time, generating a risk score based on the cardholder’s payment history which is then provided to the Issuing bank.

Based on this risk score, the Issuer may decide to further validate the cardholder performing SCA, or in the case of a low risk score approve the transaction without additional friction for the cardholder.

PCM: What results are you seeing so far from the combination of RBA with 3DS protocols?

GM: Across Europe, some 75% of 3DS transactions are currently subject to stepped up authentication under SCA.

However, those banks that invest in modern RBA solutions are capable of reducing their challenge rate to less than 25% of transactions without impacting fraud rates.

“Issuers that invest in modern RBA solutions are capable of reducing their challenge rate to less than 25% of transactions without impacting fraud rates.”

This lower challenge rate is better for everybody: it means more sales conversions for Merchants, lower costs for Issuers and, most importantly, a frictionless user experience for the cardholder – all while keeping fraud rates in line with the requirements of PSD2.

By introducing Visa RBA alongside EMV® 3DS, all Issuers can now take advantage of PSD2 exemptions to maximise frictionless authentication and deliver the best user experience to their cardholders.

Download a free copy of Visa’s new white paper to learn more about more frictionless transactions, lower risk and improved compliance using risk-based analysis with 3DS

[1]   EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.

The post Visa – how to cut fraud, reduce friction and grow conversions in the digital economy appeared first on Payments Cards & Mobile.