Overview
“The gauntlet has been thrown for 2019 for securing e-commerce. While the industry tries to solve e-commerce security issues, in many senses it is getting in its own way. EMVco, which has made strides in card-present fraud, is preparing new technologies for e-commerce. The most promising of these is 3-D Secure, version 2.0 (3DS2), an upgrade of current authentication technology, which is a significant upgrade over the original protocol 3-D Secure (3DS) from the global card network consortium EMVCo that could impact e-commerce and m-commerce fraud frequency and the negative costs associated with it. Yet, credit card companies are preparing a more aggressive upgrade called Secure Remote Commerce on its heels. Banks and merchants will have a stake in securing e-commerce, but may be confused by rapid-fire roll-outs from EMVco,” comments the author of the report, Tim Sloane, Vice President, Payments Innovation, and Director, Emerging Technologies Advisory Service, at Mercator Advisory Group.
This research report has 30 pages and 10 exhibits.
Companies and other organizations mentioned in this report include: ACI, Adyen, Alibaba, Amazon, American Express, Apple, AsiaPay, BarclayCard, Best Innovation Group, Cardinal Commerce, Cisco, CULedger, Decentralised Identity Foundation, Discover, eBay, EMVCo, Evernym, Facebook, Federal Reserve Bank of Minneapolis, First Data Corporation, Fiserv, Google, Government of British Columbia, Government of Ontario, InAuth, IBM, International Airlines Group, JCB, Linux Foundation, Lloyds Bank, Kount, Mastercard, Microsoft, Mozilla Foundation, National Institute of Standards and Technology (NIST), Novartis, NuData, PayPal, Protegrity, Royal Credit Union, SITA, Sovrin Foundation, Square, Stripe, TokenEx, Tencent, ThreatMetrix, TSYS, UnionPay, Veridium, Visa, Worldpay, and The World Wide Web Consortium (W3C).
One of the exhibits included in this report:
- Assessment of current technology. For physical retail, securing payments has been a case study in corporate cooperation and developing technology. Unfortunately, the same cannot be said about e-commerce. For card-present transactions, the EMVCo consortium of six companies (American Express, Discover, JCB, Mastercard, UnionPay, and Visa) has shared technology and expertise to solve a crisis that threatens its future growth: payment fraud. In just over five years, EMVCo has produced dramatic results toward securing card-present payments with its chip and PIN technology. Since launching in October 2015, merchants that have installed the EMV card readers at the point of sale have seen a 75% drop in fraudulent charges, compared to a 46% drop for all U.S. merchants. U.S. market share leader Visa says that 97% of all U.S. payment volume ran through EMV cards during the month of June 2018.
- EMVCo’s efforts toward securing e-commerce. 3-D Secure, the e-commerce security solution introduced by EMVCo is not working. The consortium is preparing an update and overhaul of this technology under tremendous pressure from credit card companies, banks, merchants, acquirers, and processors. For traditional banks and emerging financial technology companies, the stakes are high.
- A review of security solutions. A review of the background that has made tokenization the leading candidate to make a significant impact in e-commerce fraud and a look at the two new technologies that could change the game: W3C and digital identity.
Make informed decisions in a digital financial world