Staying compliant and using 3DS Exemptions effectively to minimise friction for your customers

The merchants and the issuers should offer the consumer a payment process that is simple and as little error-prone as possible. This already starts with the entry of possibly incorrect card data by the consumer. To counteract this problem, the merchant can store the consumer’s card data on the merchant side in a customer account (card-on-file). Another alternative to prevent false card data entries is to offer payments via digital wallets. Not less important is that issuers offer their cardholders simple 3-D Secure authentication procedures that are understandable and easy to use.

Since exemptions can’t be applied in all instances, what methodologies for authenticating cardholders do you recommend that are both SCA compliant and seamless?

In order to provide the cardholder with a seamless and integrated payment experience, Netcetera recommends card issuers to integrate 3-D Secure authentication directly into the issuer mobile app. With an integrated secure app solution, the cardholder confirms the transaction with only a single click in the mobile app. To comply with the requirements for strong customer authentication according to PSD2, the app can be combined easily with biometric identification (fingerprint, face-scan) as a second authentication factor.

Another convenient and SCA compliant authentication method is to use dynamic passwords (one-time passcodes) in combination with a knowledge factor. The delivery of the dynamic password to the cardholder is usually done via SMS but can also be done through other channels such as email or via e-banking.

For consumers who do not have a mobile device, there is a new possibility to authenticate online payments based on the FIDO technology. The users register a FIDO token via a 3-D Secure enrollment page. The token is then linked to the credit card and can easily be used to approve online payments conveniently and securely.

How does Netcetera help increasing knowledge growth for all players – merchants, issuers, acquirers – when it comes to correctly apply exemptions and what solutions does the company have in this matter?

Built on 18 years of experience, Netcetera offers a comprehensive 3-D Secure product portfolio to best support card issuers, acquirers, and merchants. This includes:

Netcetera’s 3-D Secure products support all SCA exemptions according to PSD2, whereby exemptions can be combined and configured individually according to customer requirements. Netcetera advises all its customers on the integration of the 3-D Secure products and helps finding the best product configuration. As an EMVCo Associate, Netcetera has been working closely with the major card schemes for many years and was involved in the correct definition and specification of the exemptions. Read more and check out our upcoming webinars here: www.netcetera.com.

This interview is part of The Fraud Prevention in Ecommerce Report 2021/2022, the ultimate source of knowledge that delves into the evolutionary trail of the payments fraud ecosystem, revealing the most effective security methods for businesses to win the battle against bad actors.

About Roger Burkhardt

As Product Manager at Netcetera, Roger has been responsible for products for issuers, acquirers, and PSPs from 2017 to 2020. Since 2021, he is part of Netcetera’s Incubation Team to support a diverse but complementary product portfolio within the Secure Digital Payment Division, in line with the company’s growth strategy.

About Netcetera

Netcetera is a global software company with cutting-edge IT products and individual digital solutions. More than 2,000 banks and issuers, and 150,000 merchants rely on their digital payment solutions and globally certified 3-D Secure products. Founded in 1996, Netcetera has 800 employees across Europe, Asia, and the Middle East.