This module covers technologies with specifications by EMVCo and FIDO Alliance. These technologies are developed to fight online fraud in its different forms.
This module 4 includes the following sections:
FIDO (Fast Identity Online) – This specification is developed by FIDO Alliance and describes authentication of a device that can be used as a single point of entry to other applications.
EMVCo 3DS – EMVCo has updated its 3 Domain Secure (3DS) specifications. The new version is described in this module and shows how to collect 140 data elements in order for the ecommerce merchant to analyze the collected data, and make a decision on whether to allow the transaction to go to the issuer or decline it. In this section we describe in depth details of the data elements that are to be collected and analyzed. In addition, we describe the standards for the step-up process that uses a secondary device, such as a mobile phone, to verify the consumer.
SRC/One Click Standards – Secure Remote Commerce (SRC) is an EMVCo specification that describes a platform for online card-not-present purchases. The SRC platform is created such that the consumer has to do minimal interaction with the system. It is also called One Click standard.
EMV Payment Tokenization is a specification describing how the card number, or PAN, is replaced by a token, for mobile payments. The token has no relationship with the PAN and in addition has restrictions on how or where it can be used. This reduces the amount of fraud when compared to using the real PAN in the mobile device.
At the end of this course you will be better informed on what the threats are and which tools are available to mitigate and stop fraudulent activities for online payment fraud. You will also be able to make decisions on how to use these techniques on an informed basis.