3-D Secure - Buyers/credit Card Holders

Buyers/credit Card Holders

The intention behind the system is that cardholders will have a decreased risk of other people being able to use their payment cards fraudulently on the Internet.

In most current implementations of 3-D Secure, the issuing bank or its ACS provider prompts the buyer for a password that is known only to the bank/ACS provider and the buyer. Since the merchant does not know this password and is not responsible for capturing it, it can be used by the issuing bank as evidence that the purchaser is indeed their cardholder. This is intended to help decrease risk in two ways:

  1. Copying card details, either by writing down the numbers on the card itself or by way of modified terminals or ATMs, does not result in the ability to purchase over the Internet because of the additional password, which is not stored on or written on the card.
  2. Since the merchant does not capture the password, there is a reduced risk from security incidents at online merchants; while an incident may still result in hackers obtaining other card details, there is no way for them to get the associated password.

3-D Secure does not strictly require the use of password authentication. It is said to be possible to use it in conjunction with smart card readers, security tokens and the like. These types of devices might provide a better user experience for customers as they free the purchaser from having to use a secure password. Some issuers are now using such devices as part of the Chip Authentication Program or Dynamic Passcode Authentication schemes.

One significant disadvantage is that cardholders are likely to see their browser connect to unfamiliar domain names as a result of vendors' MPI implementations and the use of outsourced ACS implementations by issuing banks, which might make it easier to perform phishing attacks on cardholders.

Read more about this topic:  3-D Secure

Famous quotes containing the words credit, card and/or holders:

    Bless my soul, Sir, will you Britons not credit that an American can be a gentleman, & have read the Waverly Novels, tho every digit may have been in the tar-bucket?
    Herman Melville (1819–1891)

    I must save this government if possible. What I cannot do, of course I will not do; but it may as well be understood, once for all, that I shall not surrender this game leaving any available card unplayed.
    Abraham Lincoln (1809–1865)

    With the holders holding my hand nearing the call of the bird,
    Comrades mine and I in the midst, and their memory ever to keep, for the dead I loved so well,
    For the sweetest, wisest soul of all my days and
    lands—and this for his dear sake,
    Lilac and star and bird twined with the chant of my soul,
    There in the fragrant pines and the cedars dusk and dim.
    Walt Whitman (1819–1892)