EMVCo publishes guidance for EMV 3-D secure transactions

By Edlyn Cardoza

Global technical body EMVCo has published new resources to help card issuers and merchants to optimise the EMV® 3-D Secure (EMV 3DS) authentication experience for online shoppers when EMV Payment Tokens are in use, enhancing the fraud-prevention benefits that EMV 3DS provides.

EMV Payment Tokens are used across the payments ecosystem to increase the security of card-based transactions by replacing the primary account number (PAN) with a unique alternative value. Industry feedback identified an opportunity to improve the EMV 3DS authentication process by making Payment Tokens and related data available as part of the 3DS Authentication Request to improve issuer decision making and the consumer experience.

The EMV 3DS Payment Token Message Extension and supplemental white paper provide guidance on how payment token related data elements can be used to support the authenticity of EMV 3DS transactions. Using the extension, issuers can leverage additional payment token data to better identify the transaction and consumer. This reduces the need for additional consumer authentication in the form of a challenge, such as a one-time passcode or biometric.

“The use of EMV Payment Token data in the EMV 3DS authentication process further enables card issuers to make better risk-based decisions. As a result, merchants will benefit from improved transaction approval rates and a faster, more secure authentication process for their customers,” said Robin Trickel, EMVCo Executive Committee Chair.

The EMV 3DS Secure Payment Token Message Extension supports EMV 3DS v2.1 and v2.2. It is optional and does not impact interoperability. Based on the industry’s request for payment token data to be supported, the extension capabilities will be included in EMV 3DS v2.3 as part of the core specification.

EMV 3DS is a fraud prevention technology that enables consumer authentication, without adding unnecessary friction to the payment process that often leads to abandoned purchases. The EMV 3DS Specification provides a common set of requirements product providers can use to integrate this technology into their solutions to support seamless and secure e-commerce payments.

EMV Payment Tokenisation enables a payment token to be used in a payment transaction from point of purchase, passing across the payment networks between acquirers and card issuers, through to payment authorisation by the card issuer. EMV Payment Tokens are compatible with other forms of tokenisation such as acquirer and/or security tokens.