Will 3-D Secure End Fraud & Chargebacks Once & For All?
EMVCo, the industry body that represents interests of the major card schemes, introduced 3-D Secure 2.0 back in October 2016. According to the organization, 3-D Secure 2.0 will improve the customer experience and deliver unmatched security. But will the technology really be as impressive as it sounds?
The Benefits of 3-D Secure
3-D Secure technology first appeared more than a decade ago when Visa unveiled their Verified by Visa system. Other companies, including Mastercard, American Express, and UnionPay eventually followed, each introducing their own adaptation of 3-D Secure protocol. Now, the next generation promises major steps forward:
- Supporting app-based purchases on mobile devices
- Enabling intelligent risk-based decisioning for frictionless authentication
- Providing multiple authentication options, including passcode and biometrics
- Integrating seamlessly into the checkout process
With improved fraud detection, device support, reduced friction, and seamless integration, 3DS 2.0 seems like it may deliver a “fraud-proof” eCommerce environment. However, while there are certainly benefits to adopting this technology, it is still far from perfect.
What Was Wrong with 3-D Secure?
3-D Secure 1.0 did not take eCommerce by storm when it first appeared. In fact, those aware of Visa’s new technology seemed more concerned and confused than relieved.
First, the protocol launches a popup and asks for the cardholder’s information when a customer attempts to complete a purchase using 3-D Secure. This is often misconstrued as a phishing attempt because the URL in this window does not have anything identifying it with the card brand, deterring many buyers.
Even if the suspicious popup fails to dissuade the cardholder, there is also the ongoing problem of customers forgetting their password. Coupled with the general lack of knowledge about 3-D Secure and the extra friction of a more in-depth checkout process, it’s little surprise that cardholders haven’t embraced the technology.
Does 2.0 Correct These Blunders?
Under 3-D Secure 2.0, customers do not need to enter their passcode immediately. Instead, the merchant delivers the transaction as usual, with the 3-D Secure provider designating the transaction as either “high risk” or “low risk.” The latter is passed on for authorization, while the former will be sent back to the merchant for additional verification.
This is a substantial change to the technology. But it may not be enough to make 3-D Secure 2.0 as successful as the payments industry hopes it will be.
Inconsistent Authorization
Cardholders are already suspicious of 3-D Secure popups during checkout. If the request for additional authorization seems random, customers may be even less likely to trust it. Either way, it is an added layer of transaction friction, which can lead to increased shopping cart abandonment.
Visa claims that less than 5% of all transactions will require this additional step, but the MRC Global Fraud Survey suggests that the average merchant will have to review about 15% to 25% of all orders. The additional friction could significantly impact merchants’ conversion rates.
Will Not Stop Chargebacks
I’ve heard a couple of commenters suggest that 3-D Secure 2.0 may eliminate chargebacks altogether; that because the technology uses intelligent risk detection, it will stop criminals from committing chargebacks once and for all.
But even then, it wouldn’t comprehensively address the chargeback problem.
3DS 2.0 is an effective tool for targeting criminal fraud, but it has little impact on friendly fraud, which is ultimately responsible for most chargebacks. The most common justifications for a chargeback – the product never arrived, or that the seller shipped the wrong item – will not be impacted at all.
3-D Secure is a Useful Tool—But Not the Solution
3-D Secure 2.0 will be an asset for merchants looking to prevent unauthorized transactions and criminal fraud attempts. But it’s important to understand that this will not be an end-all cure for fraud.
It’s certainly an improvement, but 3-D Secure 2.0 will not succeed if no one really understands or uses it. The technology needs to become a standard part of the checkout process, but that can only be achieved through educating merchants and consumers on 3DS 2.0’s value.
Still, even if it becomes widely-used, it is no “miracle cure” for chargebacks and creative fraudsters. Cyber-shoplifters will continue developing new techniques to cheat the system. The only way to position your business for sustainable, long-term growth is to keep pace with fraud and adapt to new threats as they develop.