3D Secure | MPI | Verified by Visa | MasterCard Secure Code

TEL: +44.(0).870.490.8278 EMAIL: INFO@3DSecureMPI.COM

HomeThe case for 3D SecureBackgroundVerified by VisaSecure CodeHow it worksNewsOur SolutionHosted and ManagedDedicated InstallationsIntegration: APIPIT TestingReal Time MonitoringReliability PlusSoftware as a ServiceFAQSite Map

The case for 3DSecure

3DSecure allows a card holder to authenticate himself while making an online payment. It allows 3 domains to work elegantly together.

Domain 1: The card holder has the piece of mind that his card is not used without his authorization.

Domain 2: Merchants are protected from fraud and can provide the product and service without delay or extra costs.

Domain 3: Banks see that the transaction has been authenticated and are more likely to approve the transaction, to the convinience of the card holder.

Background

In a traditional credit card transaction, a payment request is presented to the issuing bank for authorization. The Issuing bank authorizes the transaction based solely on the funds available to the card holder.

With card present, the magnetic strip on the card can be read and a signature collected. This process has now been largely superceded by Chip and PIN which gives the card holder the opportunity to identify himself via a secret PIN code.

An Ecommerce transaction is conducted online, without the possibility to access the card physically. Un-authorized usage and fraud are therefore more likely.

This is bad for the card holder who risks having his card number stolen and his funds blocked. It is bad for the merchant who has to carry the ultimate responsibility of theft. It is bad for the banks who have to expand considerable resources handling the litigation between card holder and merchant, a process known as chargeback.

The risk has been partially mitigiated with the addition of an extra 3 digit security number refered to as CVV/CVC; this number was introduced because a decade ago it was common to print the card number on every purchase receipt and this security number can never be printed or stored and has become mandatory for ecommerce.

3DSecure allows transactions to be conducted in safety online, greatly reducing the risk of fraud and chargebacks.

Verified by Visa

The implementation of 3D Secure by Visa is called Verified by Visa.

Mastercard Secure Code

The implementation of 3D Secure by MasterCard is called Secure Code.

Amex SafeKey

The implementation of 3D Secure by Amex is called SafeKey.

How it works

When a payment request arrives at the merchant or payment gateway, the Merchant Plug In (MPI) component is activated. The MPI talks to Visa or MasterCard to check if the card is enrolled for 3DSecure. If the card is not enrolled, this means that either the bank that issued the card is not yet supporting 3DSecure or it means that the card holder has not yet been registered for the service.

If the card is enrolled, the MPI will redirect the card holder to the 3DSecure authentication web page for the issuing bank; the card holder will then identify himself. The MPI will evaluate the reply from the bank and, if successful, allow the transaction to proceed for authorization. The transaction could still fail for lack of funds or other reasons but is more likely to be approved because of the authentication.

Highlights

Verified by Visa

MasterCard SecureCode

Amex SafeKey

Endeavour MPI

The Endeavour Merchant Plug In (MPI), 1.0.2 compliant, for 3DSecure, backed by a more than a decade of experience in the industry, dedicated to excellence.

Amex SafeKey

Endeavour MPI becomes one of the first MPIs to support Amex SafeKey. SafeKey is the brand under which Amex is participanting in 3DSecure.

Postgres is now supported

Support for the popular Postgres database further increases the deployment options for the Endeavour MPI.

Flexibility

SOAP, RESTful, HTTP services, supports XML, HTML. JSON. MYSQL, MSSQL and POSTGRES. GLASSFISH and TOMCAT Interface for easy management.

Credorax deploys MPI

CredoRax a Global Vertically Integrated e-Commerce Acquiring Bank uses the Endeavour MPI to provide 3DSecure ecommerce transactions for both Visa and MasterCard.

Gateline chooses the Endeavour MPI for supporting 3DSecure

Gateline is a Internet Payments Service Provider working with credit cards processing since 2005. Gateline's business clients include air and railway companies, mobile communications, Internet stores and electronic funds.

Cipher Management

A cipher management system added to the MPI Interface makes complicated key management, setting up of new Acquirers an easy and simple task.