Since October 2008, banks and online merchants have begun to adopt the 3DSecure system for online payments.
3D Secure is called "Verified by Visa
" by Visa, and "MasterCard Secure Code
" by MasterCard.
This system was invented to avoid NOC (No Card Present) fraud schemes, that is to say the fraudulent payments using stolen credit card (card numbers were stolen, for example).
The goal is to:
- Reduce fraud on online shopping website.
- Secure payment from customers.
The limitations of the visual cryptogram
When making an online transaction, 3 items are required:
- The card number
- The expiry date
- The visual cryptogram
The visual cryptogram, is the 3 numbers on the back of your card (requested to perform online payments). But this information can be visually acquired and copied. With 3D Secure, additional information will be requested to confirm that you are the owner of the card.
How does it work?
For a 3D Secure payment to be made, you must have a 3DSecure card and the website must support 3D Secure too
- Most of the new credit cards support 3DSecure.
- For the older cards,switching 3DSecure may be automatic, or your bank will ask you to sign an addendum to your contract.
When performing an online purchase with 3DSecure, you will need to enter the card number, expiration and security code and after entering these information, you will be redirected to the website of your bank for authentication.
You will be asked to enter additional information to prove that you are the owner of the card.
Each bank is free to choose the authentication method. Among these are:
- a classic password.
- an electronic device (generates a code for each transaction).
- a code sent by SMS
- and many more ...
This document, titled « 3D Secure/ Verified by Visa/ Secure Code », is available under the Creative Commons
license. Any copy, reuse, or modification of the content should be sufficiently credited to CCM