Buyers/credit Card Holders
The intention behind the system is that cardholders will have a decreased risk of other people being able to use their payment cards fraudulently on the Internet.
In most current implementations of 3-D Secure, the issuing bank or its ACS provider prompts the buyer for a password that is known only to the bank/ACS provider and the buyer. Since the merchant does not know this password and is not responsible for capturing it, it can be used by the issuing bank as evidence that the purchaser is indeed their cardholder. This is intended to help decrease risk in two ways:
- Copying card details, either by writing down the numbers on the card itself or by way of modified terminals or ATMs, does not result in the ability to purchase over the Internet because of the additional password, which is not stored on or written on the card.
- Since the merchant does not capture the password, there is a reduced risk from security incidents at online merchants; while an incident may still result in hackers obtaining other card details, there is no way for them to get the associated password.
3-D Secure does not strictly require the use of password authentication. It is said to be possible to use it in conjunction with smart card readers, security tokens and the like. These types of devices might provide a better user experience for customers as they free the purchaser from having to use a secure password. Some issuers are now using such devices as part of the Chip Authentication Program or Dynamic Passcode Authentication schemes.
One significant disadvantage is that cardholders are likely to see their browser connect to unfamiliar domain names as a result of vendors' MPI implementations and the use of outsourced ACS implementations by issuing banks, which might make it easier to perform phishing attacks on cardholders.
Read more about this topic: 3-D Secure
Famous quotes containing the words credit, card and/or holders:
“Gratitude among friends is like credit among tradesmen: it keeps business up, and maintains commerce. And we pay not because it is just to discharge our debts, but that we might the more easily find lenders on another occasion.”
—François, Duc De La Rochefoucauld (16131680)
“In the game of Whist for two, usually called Correspondence, the lady plays what card she likes: the gentleman simply follows suit. If she leads with Queen of Diamonds, however, he may, if he likes, offer the Ace of Hearts: and, if she plays Queen of Hearts, and he happens to have no Heart left, he usually plays Knave of Clubs.”
—Lewis Carroll [Charles Lutwidge Dodgson] (18321898)
“Their holders have always seemed to me like a woman who should undertake at a state fair to run a sewing machine, under pretense of advertising it, while she had never spent an hour in learning its use.”
—Jane Grey Swisshelm (18151884)