Visa International this week announced the worldwide roll-out of
technical specifications designed to support payment authentication
services for online credit card transactions while leaving
retailers free to use their own mechanisms for processing
payments.
The move puts a global spin on payment authentication capabilities
that Visa's US operations detailed last month. The company's
international unit said it has been working with a group of more
than 60 technology vendors and consulting firms, including IBM,
Microsoft, Oracle and Sun Microsystems, to develop and test the new
3-D Secure 1.0 specifications.
The technical guidelines are part of a Visa Authenticated Payments
program that's now being implemented in the US, Europe, Asia and
other parts of the world.
Philip Yen, executive vice president of the e-Visa International
e-commerce group, said the specifications are aimed at ensuring
that shoppers using Visa cards "have the same confidence on the
Internet as [they do] in the real world."
The new specifications are being offered as a potential alternative
to Visa's more comprehensive 3-D Secure Electronic Transaction
(SET) standards, which were first developed five years ago. The 3-D
SET approach secures electronic transactions from Visa cardholders
to retailers and then on to the banks and other companies that
issue the credit cards. By contrast, 3-D Secure focuses on
authenticating the identity of shoppers and providing that
information to retailers.
Tom Manessis, vice president of e-commerce at e-Visa International,
said the new approach works by creating a conduit between a
retailer, a credit card issuer and an individual cardholder trying
to make a purchase online or via a mobile phone. The credit card
number is collected by the retailer and then sent by software to
the appropriate card issuer in real time, Manessis said.
The card issuer can then verify the account number and trigger a
query window on the shopper's PC, requiring him or her to enter a
personal identification number or public-key infrastructure
information. If the information is correct, Manessis said, the card
issuer validates the sale for the retailer, which can then use its
existing method of processing the actual payment.
Online transactions currently represent about 2% to 3% of the $1.9
trillion (£1.35 trillion) in annual sales processed on Visa cards,
and the company said less than one tenth of a per cent of that
money is lost to credit card fraud. But making online shoppers more
comfortable is a key goal for Visa: "We've done quite a bit of
consumer research," Manessis said. "Security is still one of their
top concerns."
The vendors that Visa International is working with include
developers of payment and customer relationship management
software, as well as companies that make security and
fraud-detection tools. The technical specifications support
authentication from point-of-sale devices and via PCs and mobile
phones. Yen said future plans call for the addition of capabilities
for PDAs and interactive TV sets.