NBU switched to a new security protocol for payment systems 3DS2
Tashkent, Uzbekistan (UzDaily.com) -- The National Bank for Foreign Economic Affairs of the Republic of Uzbekistan was one of the first in Uzbekistan to switch to the new security protocol 3D Secure 2.0, both in terms of the emission side and acquiring.
Every year, NBU, relying on the experience of large international banks, improves its processing system for international plastic cards, thereby helping and protecting its customers from unauthorized access to card data by fraudsters and malefactors. An important milestone for secure payments is the new 3D Secure 2.0 security protocol.
The first version of the 3D Secure security protocol was developed to increase consumer confidence in online payments, which has fueled the growth of e-commerce. To protect against fraudulent transactions, 3D Secure adds another authentication step for online payments, allowing merchants and banks to additionally verify that the payment is made by the cardholder.
While the payment industry has accepted this authentication method quite well, there has been recognition of the need to create a new protocol based on current and future market demands. Thus, the additional authentication step required to complete the payment became one of the disadvantages of using 3D Secure 1.0, as it increased the complexity of the ordering process and could lead to customers refusing to purchase.
Taking into account the shortcomings of the previous version of the protocol, payment systems began to implement a new improved version of the 3D Secure 2.0 protocol.
The advantages of the new version are:
1. Flexible support for various devices and channels. It provides a smoother and more consistent user experience across multiple payment channels, including in-browser payments, in-app payments, and digital wallet payments.
2. Improved user experience. Enables merchants to better integrate authentication into their shopping experience by providing cardholders with fast, simple and convenient authentication with high levels of security. 3D Secure 2.0 uses dynamic authentication methods such as biometrics and token-based authentication.
3. Improved data exchange for anti-fraud and mitigation of barriers, risk-based authentication and hassle-free authentication. Improved data exchange to combat fraud and reduce barriers allows issuers to approve a transaction without requiring manual data entry from the cardholder. This is achieved through what is known as risk-based authentication.
Risk-based authentication works by collecting a set of cardholder data at the time of a transaction and transmitting it to the NBU (issuing bank) and its Access Control Servers (ACS), which then compares the collected data with previous (historical) cardholder transaction data for withdrawal the value of the fraud risk associated with the new transaction. This includes payment-related data such as shipping address, as well as contextual data such as customer device ID or history of previous transactions.
The NBU can use this information to assess the level of risk of a transaction and select an appropriate response. If the value of the risk of fraud is low enough, then the bank will not request additional verification from the cardholder and will assume that the cardholder is authenticated. In the event that the value of the risk of fraud is higher than a predetermined threshold, then the client is asked to provide additional data to verify the authenticity of the payment.