What Is 3D Secure
3D Secure, such as Verified by Visa and MasterCard SecureCode, allows transactions to be conducted in safety online, greatly reducing the risk of fraud and chargebacks. The process allows the cardholder domain, interoperability domain and merchant domain (3 Domains or 3D) to securely communicate with each other and allow the authentication of the cardholder transaction.
How Does 3D Secure Work
-
Enrolment Enquiry
When a payment request arrives at the merchant or payment gateway, the Merchant Plug In (MPI) component is activated. The MPI talks to Payment scheme (Visa or MasterCard) to check if the card is enrolled for 3D Secure.
-
End User Identification
If the card is not enrolled, this means that either the bank that issued the card is not yet supporting 3D Secure or it means that the cardholder has not yet been registered for the service. If however the card is enrolled, the MPI will redirect the cardholder to the 3D Secure authentication web page for the issuing bank; the cardholder will then identify himself.
-
Transaction Authorisation
The MPI will evaluate the reply from the bank and, if successful, allow the transaction to proceed for authorisation. The transaction could still fail for lack of funds or other reasons but is more likely to be approved because of the authentication.
What Do We Do
We will complete an on-site assessment of your current security controls against the current regulatory requirements. Employing AC Assure for your audit will not only ensure you complete your regulatory obligation’s, you will also be reassured that your systems security is robust without being inhibitive to effective production. We will look at your:
- Policies and procedures
- Technical controls such as firewalls, web servers etc.
- Cryptographic keys