The successful liability shift for enrolled card is required to the point at which merchants are no longer held financially responsible for certain types of fraudulent transactions if they have met certain requirements for accepting chip-enabled cards. This shift helps to reduce the incidence of card fraud and encourages merchants to upgrade their card readers to accept chip cards.
To be successful, merchants must ensure that they have implemented the necessary technology and processes to accept chip cards and that they are checking for the presence of the chip on the card before accepting a payment. Additionally, merchants must also follow the guidelines set by card networks, such as Visa and Mastercard, for processing chip card transactions.
In response to online payments (CNP), there has been an increase in eCommerce volumes over the last year.
eCommerce fraud rates in 2015 were at 0.53%. However, this is still a significant amount when eCommerce sales are projected to exceed $2.3 billion by 2017. This means that eCommerce fraud may rise to $12 Billion.
Internet fraud is rampant, but it’s not unexpected. CNP transactions can be more secure than others due to the difficulty in identifying the authorized cardholder.
Since 2001, is available with the 3D Secure protocol. This protocol is one of the most trusted and oldest in the fight against CNP online fraud.
While the protocol serves to protect the consumer by providing an authentication layer that verifies that the cardholder used it during the transaction, it also protects merchants in the event of fraudulent chargebacks.
This protection comes as a result of potential liability shifting from the merchant toward the card issuing Bank.
Note that this protection doesn’t cover claims made by consumers who are not fraudulent.
Everyone is different in the time at which liability shifts take place. It depends on several factors including the card issuer, and whether the card is already enrolled in 3D Secure, as well as the response to the authentication request.
There are two steps that must be followed to determine if liability shifting in the current protocol (3DS1) is allowed.
To request information about the 3DS program, the merchant needs to install a merchant plug-in. This will handle authentication messaging between the bank and merchant using a 3D Secure vendor.
Enrolment queries will either receive a definitive response of ‘Yes or no’ unless the issuer is unable to give information about the card status. If this happens, the response from MasterCard and Visa will be ‘unavailable.
The third stage involves 3D Secure cardholder verification. This is done by returning a definitive answer (authentication failure) If an error occurs on the network or system, in which event the response could read as “Authentication error”/’Authentication attempted.
The results of step 1 (card registration) and step 2, (authentication status), will determine whether there is a liability shifting.
In general, here are the rules:
3DS2 could be adopted very early in the year. But it will mainly be a time for testing and refining the protocol before it is fully implemented.
The global program activation deadline is 12/04/2019. Prior to that, the existing liability shift rules in accordance with the original 3DS1 Protocol shall continue to be fully enforced.
3DS2 will go live with a minimal shift in liability shifts. This could provide merchants with significant advantages, protecting them from chargebacks.
In the current state, if a merchant attempts authorization but the issuer does not support 3DS2, the merchant will still benefit from fraud chargebacks.
The merchant is responsible even if 3DS2 does not support the issuing bank. This change takes effect on 12/04/2019 and merchants still have fraud protection.
3D Safe, which protects buyers from fraud, can be used for NPP buys.
This protection level is being increased with 3ds2 so that it can be irreplaceable in today’s online market.
A successful liability shift for enrolled cards is required to maintain the security and integrity of the payment system because it helps to reduce the risk of fraudulent transactions. When a merchant has implemented certain security measures, such as technology, they are less likely to be the target of fraud. This helps to protect both merchants and consumers from financial losses.
Liability shift helps to incentivize merchants to implement the latest security measures, which in turn helps to reduce fraud and protect both merchants and consumers from financial losses.
Examples of security measures that can lead to a liability shift include EMV chip technology, point-to-point encryption, and tokenization.
If a merchant does not implement liability shift measures, they may be held liable for fraudulent transactions that occur on their network. This can result in significant financial losses for the merchant.
A card issuer is responsible for providing EMV chip-enabled cards to the customers and the merchant is responsible for upgrading the terminal to accept the EMV chip-enabled card.
With many years of rich experience in technology development, Logibiz Technologies aim to boost your online presence by offering 360-degree solutions related to Online Payments and its Security.
From Online Fraud Prevention solutions to White Label Payment Gateway Platform and complete 3DS testing environment, Logibiz has got your back. Additionally, we also offer consultancy services for all your EMVCo & Card Scheme certification needs.
We provide Free Demo & POC of our products which are certified globally and trusted by leading Financial Institutions worldwide.
Book a Free Consultation Call with our experts to discuss how we can help grow your online payments business.
We provide Tailored Payment Solutions for PSPs, Payment Gateways, Banks and Merchants with a complete range of top-tier payment gateway platforms, robust authentication solutions, and cutting-edge testing tools.
We’ll update you on our upcoming events, newsand publications.
Try our solutions for free! Sign up now and see how we can help you.
Explore our comprehensive services. Download our brochure for detailed information on our offerings and solutions.
The 3DS Server provides a functional interface between the Directory Server (DS) and the 3DS Requestor Environment flows. 3DS Server is responsible for gathering necessary data elements for 3-D Secure messages, authenticating the DS, validating the DS, the 3DS SDK, and the 3DS Requestor, safeguarding the message contents. The 3DS Server also helps to protect the message content while it is being transferred to DS and vice versa.