ABN Techweek – HOW DO VISA AND MASTERCARD PREVENT CNP (CARD-NOT-PRESENT) FRAUD
ABN Tech Week trains engineers on the most important issues in building highly scalable software systems. The topic for today is: HOW DO VISA AND MASTERCARD PREVENT CNP (CARD-NOT-PRESENT) FRAUD?
THE DIAGRAM BELOW SHOWS HOW 3-D SECURE PROTOCOL WORKS IN ORDER TO PROTECT ONLINE PURCHASES FROM CNP FRAUD.
3-D SECURE (3DS) PROTOCOL IS AN ADDITIONAL ๐ฌ๐๐๐ฎ๐ซ๐ข๐ญ๐ฒ ๐ฅ๐๐ฒ๐๐ซ FOR ONLINE CARDS TRANSACTIONS. IT WAS ORIGINALLY DEVELOPED IN 1999, AND THE LATEST VERSION (VERSION 2) WAS PUBLISHED IN 2016 TO COMPLY WITH NEW EU AUTHENTICATION REQUIREMENTS.
3-D REFERS TO THE “THREE DOMAINS” – THE ACQUIRER DOMAIN, THE ISSUER DOMAIN, AND THE INTEROPERABILITY DOMAIN.
๐ ๐ซ๐ข๐๐ญ๐ข๐จ๐ง๐ฅ๐๐ฌ๐ฌ ๐ ๐ฅ๐จ๐ฐ – NORMAL TRANSACTIONS
๐น STEPS 1-2: A CONSUMER MAKES AN ONLINE PURCHASE AND HITS CHECKOUT TO ENTER PAYMENT CARD DETAILS. IF THE MERCHANTโS WEBSITE ENABLES 3DS, THE 3D SERVER SENDS THE AUTHENTICATION REQUEST TO THE DIRECTORY SERVER (DS).
๐น STEPS 3-6: BASED ON THE PRIMARY ACCOUNT NUMBER (PAN), DS FINDS THE CARD ISSUERโS ACCESS CONTROL SERVER (ACS) AND CHECKS IF THE CARD IS REGISTERED IN 3DS. THE RESPONSE IS SENT BACK TO DS, MERCHANT, AND CARDHOLDER.
๐น STEPS 7-10: NOW THAT THE CARD IS AUTHENTICATED, THE CARDHOLDER CAN PROCEED WITH THE PAYMENT REQUEST. THE REQUEST GOES THROUGH THE ACQUIRER AND THE CARD NETWORK AS USUAL.
๐๐ก๐๐ฅ๐ฅ๐๐ง๐ ๐ ๐ ๐ฅ๐จ๐ฐ – SUSPICIOUS TRANSACTIONS
๐น STEPS 1-6: THE STEPS ARE THE SAME WITH THE FRICTIONLESS FLOW. HOWEVER, THE CARDHOLDER IS PROMPTED TO ENTER PROOFS TO VERIFY THE CARD OWNERSHIP.
๐น STEPS 7-9: THE CARDHOLDER CAN VERIFY VIA OTP (ONE-TIME PASSWORD), SAFETY QUESTIONS AND BIOMETICS. THE RESULTS ARE SENT BACK VIA DS, SO IS MORE SECURE.
๐น STEPS 10-13: IF THE CARD IS AUTHENTICATED, THE CARDHOLDER CAN CONTINUE WITH THE ONLINE PAYMENT TRANSACTION.
AbnAsia.org Software. Faster. Better. More Reliable. +84945924877 (Asia# Mobile, WhatsApp, Telegram, Viber, Zalo); +16699996606 (US# Mobile, WhatsApp, Telegram) [email protected]
