Neil Smith, Regional Head, Issuers EMEA at Verifi
New authentication methods make it harder for fraudsters.
It’s widely known that ecommerce is booming. But what doesn’t make the headlines is the mounting impact this growth in online shopping has on merchants. The number of card-not-present (CNP) payments is putting both merchants and issuers under increased pressure to quickly resolve payment issues, queries and concerns – should they arise.
Considering that five million UK consumers had funds stolen from their bank or credit card account in 2017 – at an average cost of £840 each according to comparison site ComparetheMarket – it is vital that issuers are able to resolve payment disputes quickly and efficiently to maintain cardholder loyalty and brand reputation.
As a result of both rising CNP fraud and the introduction of industry regulations such as PSD2, we are seeing more and more merchants turning to payment authentication to help maximise security around transactions and minimise potential issues.
With so many payment methods now available – from apps to voice – authenticating payments and stopping fraudsters is becoming more of a challenge. One of the greatest cost areas to merchants is chargebacks, mounting to a $31 billion problem for the payments industry, according to a recent study by Javelin Strategy & Research and commissioned by Verifi.
If you have experienced a fraudulent transaction on your debit or credit card account, it is likely that the bank used the chargeback process as a means to recover the funds. Chargebacks are essentially the reversal of an outbound transfer of funds from a consumer’s debit or credit card.
Usually, a chargeback is initiated when a consumer calls their card-issuing bank, rather than the merchant, to dispute a transaction. In fact, consumers are increasingly leaving merchants out of the dispute process, initiating a fraud-related chargeback directly with issuing banks up to 76% of the time, according to the Javelin study.
How can three-factor authentication help?
Chargebacks sometimes occur as a result of (CNP) fraud when a consumer’s card is used to make an e-commerce purchase without their knowledge. When the consumer checks their bank statements, they do not recognise the transaction and call their back to get the problem resolved. Mobile banking apps can help consumers speed up recognition, as they don’t have to wait for paper bank statements at the end of each month to check through. But the aim is to prevent them happening in the first place. This is where authentication of payments comes in.
Authentication is key to successful CNP commerce and preventing potentially fraudulent activity – helping the consumer, issuer, and merchant better assess legitimate transactions.
Under the new Payment Services Directive (PSD2), Strong Customer Authentication (SCA) will be mandated on certain consumer transactions. One type of SCA is two-factor authentication. For this, the customer is required to enter two pieces of information from the following:
- Something you know (for example a password)
- Something you have (for example a smart card reader)
- Something you are (for example a fingerprint or other biometric method)
Biometrics is one method of authentication quickly making its way into CNP payments, especially since mobile commerce is gaining momentum. Biometrics refers to authentication such as voice, finger prints, face, or even iris recognition.
Three-factor authentication is already becoming an everyday occurrence, as consumers casually unlock mobile phones and make payments merely with the touch of a thumb. The particular advantage in using biometrics is that they are difficult to counterfeit, as they are unique to the consumer and easily accessible to them. While not entirely un-hackable, when they are used as part of an authentication step, they can provide a very effective additional security layer.
While use and storage of biometric information might cause some concerns about privacy amongst consumers, technologists are seeking alternate data storing methods to bolster consumer trust in heightened payment security. This includes only storing the information on the consumer’s payment card. While the “Big Brother is watching” sentiment might persist, the future benefits of carrying a chip in your body to streamline payments could well outweigh any concerns! In the meantime, however, the positive impact biometric authentication has on banking – helping to reduce fraud disputes and chargebacks – will entice increased adoption.
The mass adoption of biometrics such as iris recognition as a security tool may still be off in the distance. Nonetheless, CNP merchants should consider implementing mainstream biometrics authentication, such as thumbprint recognition as a tool that is part of a comprehensive risk and fraud management strategy, especially with the proliferation of online and mobile banking apps. Staying on top of all the available technology and tools to be used in a layered approach will allow merchants to keep up with the fraudsters and guard against new threats, without damaging the customer experience.
This article was originally published in TechRadar Pro