Magnify logoSubscribe To Magnify

Safer E-Commerce Checkouts With 3-D Secure

Article contributor: Deb Conley, Ryan Dutton, Diana Kern and Katie Wood

In an increasingly digital world, online shopping is here to stay. Depending on who you ask, industry sources say card-not-present (CNP) purchases make up 20% to 40% of all card transactions in the U.S. And where payments go, fraud will follow. SHAZAM’s data shows that approximately 75% of all fraud reported to us is CNP. SHAZAM’s 3-D Secure (3DS) capabilities include a one-time passcode (OTP) result. This feature is two-fold: it helps reduce friction for legitimate cardholders as well as strengthens fraud protection.

What’s 3-D Secure?

3DS tools help authenticate the purchaser as the legitimate cardholder during the online checkout process. You may remember first-generation 3DS tools by the names Mastercard® Secure Code® and Verified by Visa®, but today they’re called Mastercard Identity Check® and Visa Secure®. Merchants may optionally enroll under each program, and SHAZAM validates the data when provided by the merchant.

What’s the Cardholder’s Experience?

Put simply, a cardholder enters card data for payment as usual. If SHAZAM’s 3DS service detects a higher risk of fraud, the cardholder may be asked to verify the purchase with an OTP. Typically, fewer than 20 percent of e-commerce purchases require a cardholder to use an OTP to complete the transaction. Refer to our updated 3-D Secure User Guide for OTP checkout experience screen examples.

Why Do Merchants Use These Services?

The answer boils down to who has the liability for fraud-related chargebacks. Generally, when a merchant employs one of these tools, they’re not liable if the cardholder claims the purchase wasn’t authorized. You can easily recognize Mastercard Identity Check and Visa Secure transactions by viewing the authorization data in SHAZAM Access>Transactions.

  • Mastercard issuers should locate the “UCAF DATA” and “UCAF IND” fields in the Mastercard Specific Indicators section.
    • UCAF DATA contains a value to explain the level of authentication performed
    • UCAF IND tells you if chargeback rights are available on the transaction.
  • Visa issuers should locate the “Mail/Phone Auth” field in the Visa Information section to determine if chargeback rights are available.

Refer to SHAZAM’s updated 3-D Secure User Guide for more details about the data you’ll find in these fields and examples of SHAZAM Access Transactions. Our chargeback quick reference for Mastercard and Visa makes it easy to know when chargeback rights are available on transactions your cardholder claims are unauthorized.

How Can I help My Cardholders if Needed?

The OTP process is intuitive for cardholders, and there’s nothing you need to do to assist. However, there may be times when the cardholder’s mobile number isn’t available or current in SHAZAM’s plastics information. You can mitigate this risk by diligently maintaining your cardholder data. It’s also possible for a cardholder to incorrectly enter the passcode and be restricted from purchases utilizing 3DS after the third attempt. SHAZAM client support can help you troubleshoot these situations and others at 800-537-5427, options 2, 2.

As with any impact on your cardholders’ experience and operations support for them, education and information sharing are critical. Create bookmarks for our 3-D Secure User Guide and other references included in this article to quickly find answers when needed.