Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Convenience vs Security in Ecommerce Payments: How Everyone Can Win

Rune Sørensen explores how banks and merchants can increase security and enable a frictionless ecommerce payments experience for customers

In 2018, banks and retailers are dealing with a new breed of customer: one that expects a fast, seamless online payment experience.

When it comes to ecommerce, however, user experience isn’t the only consideration. As the number of card-not-present (CNP) purchases continue to increase, so do the security risks.

How can banks and merchants continue to offer customers security and transparency in payments without impacting their overall online shopping experience? How can this be done while fulfilling the Strong Customer Authentication (SCA) requirements mandated by the second Payment Services Directive (PSD2), and making use of the exemptions to offer frictionless authentication?

Readers will already be familiar with 3-D Secure, the XML-based protocol that adds an extra layer of security to online CNP transactions and enables consumers to authenticate themselves. The facility helps prevent unauthorised transactions and protects merchants from CNP fraud. Unfortunately, however, it also detracts from the customer’s payment experience by increasing the number of steps needed to complete the process.

The addition of risk-based authentication (RBA) provides a countermeasure. In many ways, it’s a magic ingredient: an elusive technology that further protects consumers online while simplifying the payment experience at the same time.

RBA is a dynamic, parameter-driven system that measures the risk level of a transaction and uses it to determine how strong the security challenge should be. Parameters include transaction amount, number of transactions within a specified time-frame, the cardholder’s browser fingerprint, and the country the payment originates in. Issuers can decide their individual risk profile and let transactions that they deem safe be authorised without further authentication. This means that with RBA, the customer is only required to enter their 3-D Secure password for higher-risk transactions, instead of every time they initiate a payment online.

If, for example, a consumer initiated a €10 transaction from a device they had frequently authorised payments with in the past, such as their own laptop, in the country where that card is registered, this could be classified as a low risk transaction, so additional password entry is not required. The payment experience is improved via a smoother and faster process for the consumer and, crucially, security has not been compromised.

RBA also benefits merchants and banks. For both parties, it reduces their liability for unauthorised CNP transactions, minimising any pay-out in the event of fraud. In addition, it has been found to reduce occurrences of ‘non-completed’ transactions, which boosts revenues.

In a Nets 3-D Secure with RBA pilot, at major Nordic bank, DNB, the share of non-completed transactions decreased significantly when risk-based authentication was used. For one merchant involved in the trial, not completed transactions decreased by 13.8%.

As consumers demand ever more frictionless payment methods when shopping online, RBA will quickly become a necessity. Dynamic, parameter-driven systems will give issuers the power to determine the risk levels they are comfortable with, while consumers experience fast, seamless payments and merchants and banks increase their revenues. Everybody wins – other than fraudsters, of course.

Find out more about RBA and read the full DNB case study in our latest eBook: Risk-Based Authentication: the next generation of 3-D Secure explained.