3-D Secure - Description and Basic Aspects

Description and Basic Aspects

The basic concept of the protocol is to tie the financial authorization process with an online authentication. This authentication is based on a three domain model (hence the 3-D in the name). The three domains are:

  • Acquirer Domain (the merchant and the bank to which money is being paid).
  • Issuer Domain (the bank which issued the card being used).
  • Interoperability Domain (the infrastructure provided by the card scheme, credit, debit, prepaid or other type of finance card, to support the 3-D Secure protocol). Interoperability Domain includes the internet, MPI, ACS and other software providers

The protocol uses XML messages sent over SSL connections with client authentication (this ensures the authenticity of both peers, the server and the client, using digital certificates).

A transaction using "Verified by Visa" or SecureCode will initiate a redirect to the website of the card issuing bank to authorize the transaction. Each issuer could use any kind of authentication method (the protocol does not cover this) but typically, a password-based method is used, so to effectively buy on the Internet means using a password tied to the card. The Verified by Visa protocol recommends the bank's verification page to load in an inline frame session. In this way, the bank's systems can be held responsible for most security breaches. Today with the ease of sending white listed text messages from registered bank senders, its easy to send an one time password as part of a SMS text message to users mobiles and emails for authentication. At least during enrollment and for forgotten passwords.

The main difference between Visa and MasterCard implementations resides in the method to generate the UCAF (Universal Cardholder Authentication Field): MasterCard uses AAV (Accountholder Authentication Value) and Visa uses CAVV (Cardholder Authentication Verification Value).

Read more about this topic:  3-D Secure

Famous quotes containing the words description, basic and/or aspects:

    It [Egypt] has more wonders in it than any other country in the world and provides more works that defy description than any other place.
    Herodotus (c. 484–424 B.C.)

    Man has lost the basic skill of the ape, the ability to scratch its back. Which gave it extraordinary independence, and the liberty to associate for reasons other than the need for mutual back-scratching.
    Jean Baudrillard (b. 1929)

    The North American system only wants to consider the positive aspects of reality. Men and women are subjected from childhood to an inexorable process of adaptation; certain principles, contained in brief formulas are endlessly repeated by the press, the radio, the churches, and the schools, and by those kindly, sinister beings, the North American mothers and wives. A person imprisoned by these schemes is like a plant in a flowerpot too small for it: he cannot grow or mature.
    Octavio Paz (b. 1914)