Buyers/credit Card Holders
The intention behind the system is that cardholders will have a decreased risk of other people being able to use their payment cards fraudulently on the Internet.
In most current implementations of 3-D Secure, the issuing bank or its ACS provider prompts the buyer for a password that is known only to the bank/ACS provider and the buyer. Since the merchant does not know this password and is not responsible for capturing it, it can be used by the issuing bank as evidence that the purchaser is indeed their cardholder. This is intended to help decrease risk in two ways:
- Copying card details, either by writing down the numbers on the card itself or by way of modified terminals or ATMs, does not result in the ability to purchase over the Internet because of the additional password, which is not stored on or written on the card.
- Since the merchant does not capture the password, there is a reduced risk from security incidents at online merchants; while an incident may still result in hackers obtaining other card details, there is no way for them to get the associated password.
3-D Secure does not strictly require the use of password authentication. It is said to be possible to use it in conjunction with smart card readers, security tokens and the like. These types of devices might provide a better user experience for customers as they free the purchaser from having to use a secure password. Some issuers are now using such devices as part of the Chip Authentication Program or Dynamic Passcode Authentication schemes.
One significant disadvantage is that cardholders are likely to see their browser connect to unfamiliar domain names as a result of vendors' MPI implementations and the use of outsourced ACS implementations by issuing banks, which might make it easier to perform phishing attacks on cardholders.
Read more about this topic: 3-D Secure
Famous quotes containing the words credit, card and/or holders:
“Truth lives, in fact, for the most part on a credit system. Our thoughts and beliefs ‘pass,’ so long as nothing challenges them, just as bank-notes pass so long as nobody refuses them.”
—William James (1842–1910)
“There is undoubtedly something religious about it: everyone believes that they are special, that they are chosen, that they have a special relation with fate. Here is the test: you turn over card after card to see in which way that is true. If you can defy the odds, you may be saved. And when you are cleaned out, the last penny gone, you are enlightened at last, free perhaps, exhilarated like an ascetic by the falling away of the material world.”
—Andrei Codrescu (b. 1947)
“The doctrine of those who have denied that certainty could be attained at all, has some agreement with my way of proceeding at the first setting out; but they end in being infinitely separated and opposed. For the holders of that doctrine assert simply that nothing can be known; I also assert that not much can be known in nature by the way which is now in use. But then they go on to destroy the authority of the senses and understanding; whereas I proceed to devise helps for the same.”
—Francis Bacon (1560–1626)