3-D Secure is an XML-based protocol used as an added layer of security for online credit and debit card transactions. It was developed by Visa to improve the security of Internet payments and offered to customers as the Verified by Visa service. Services based on the protocol have also been adopted by MasterCard, under the name MasterCard SecureCode, and by JCB International as J/Secure. American Express has added SafeKey to UK and Singapore on 8 November 2010.
3-D Secure adds another authentication step for online payments. 3-D Secure should not be confused with the Card Security Code which is a short numeric code that is printed on the card.
The basic concept of the protocol is to tie the financial authorization process with an online authentication. This authentication is based on a three domain model (hence the 3-D in the name).
The three domains are:
1. Acquirer Domain (the merchant and the bank to which money is being paid).
2. Issuer Domain (the bank which issued the card being used).
3. Interoperability Domain (the infrastructure provided by the credit card scheme to support the 3-D Secure protocol).
The protocol uses XML messages sent over SSL connections with client authentication (this ensures the authenticity of both peers, the server and the client, using digital certificates).
A transaction using Verified by Visa/SecureCode will initiate a redirect to the website of the card issuing bank to authorize the transaction. Each issuer could use any kind of authentication method (the protocol does not cover this) but typically, a password-based method is used, so to effectively buy on the Internet means using a secret password tied to the card. The Verified by Visa protocol recommends the bank’s verification page to load in an inline frame session. In this way, the bank’s systems can be held responsible for most security breaches.
The main difference between Visa and MasterCard implementations resides in the method to generate the UCAF (Universal Cardholder Authentication Field): MasterCard uses AAV (Accountholder Authentication Value) and Visa uses CAVV (Cardholder Authentication Verification Value).
Spend more time accepting good orders and less time fighting fraud with IndiaPay 3D Secure Implementation.
Our fast, easy and simple integration of Cardinal Centinel gives you Verified by Visa and MasterCard SecureCode. And what these programs give you in return is an increase to your bottom line and a reduction in fraud. No other programs out there can give you the guarantee that Visa and MasterCard can.
Here are some benefits you can look forward to when accepting VbV and SecureCode on your website:
1. Reduction in chargebacks
2. Ability to accept more good orders
3. Increase Customer confidence while shopping at your site. The safer a Customer feels, the more likely they will come back.
4. Your business will be eligible for lower processing rates (Varies by merchant account)
And here is what you can expect from IndiaPay:
Industry Recognized Customer Service and Integration Team
Low monthly cost to accept
One integration for your business and all upgrades will be maintained by us
Access to all payment brands through your integration, including Google Checkout, PayPal, Bill Me Later and more. We can also take you into Mobile Commerce with our Mobile Platform, Cardinal MAX.