Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

11/26/2012
11:55 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New Visa Consumer Authentication Service Combats eCommerce Fraud

Solution designed to seamlessly support an issuer's Three Domain Secure (3-D Secure) program

FOSTER CITY, Calif., Nov. 26, 2012 /PRNewswire/ -- Visa Inc. (NYSE: V) today announced a new solution in its information products line up to help issuers reduce the risk of eCommerce fraud using real-time, risk-based transaction analysis. Called the Visa Consumer Authentication Service, the solution is designed to seamlessly support an issuer's Three Domain Secure (3-D Secure) program such as Verified by Visa and is available in all Visa Inc. markets immediately.

Visa Consumer Authentication Service authenticates the consumer prior to the authorization process, adding a powerful layer of protection against fraud. As the consumer begins the online checkout process, the solution performs a real-time risk assessment of the transaction based on numerous inputs including device and transaction information and historical spending patterns. The result is that issuers can complete lower-risk eCommerce transactions without requiring consumers to go through the extra step of entering their passwords or other verification. The solution minimizes disruption and abandonment at the point of purchase, while also helping issuers and merchants reduce fraud losses.

"Cyber Monday is the day when consumers traditionally begin searching the Internet for holiday gifts and sales. Coinciding with this busy online shopping period, Visa is launching Visa Consumer Authentication Service, providing an extra layer of protection to online transactions," said Silvio Tavares, head of global information products for Visa Inc. "This solution is another example of how we use Visa's network intelligence to create tangible value for merchants and our financial institution clients. Because the solution only prompts consumers for verification of the riskiest transactions, most consumers will have a streamlined authentication process when using Verified by Visa."

Visa Consumer Authentication Service is a hosted access control server that provides issuers with the following capabilities:

-- Sophisticated risk-based authentication. Visa Consumer Authentication Service's risk-scoring model takes into account enhanced inputs, including critical information about the device, transaction information and spending profiles. This data will enhance issuers' decision-making ability to identify potential fraud and prompt for verification only when necessary.

-- Dynamic methods of authentication. Visa Consumer Authentication Service supports a wide range of account holder authentication methods. This means higher-risk transactions may be verified by the issuer in a variety of ways including more secure, dynamic methods such as one-time passwords or hardware tokens.

-- Support for mobile. Visa Consumer Authentication Service can be integrated to function through a range of devices including mobile phones and tablets, to ensure consumers have a secure, efficient and reliable payment experience when shopping through another channel beyond the PC.

-- Rules for strategy refinement. Visa Consumer Authentication Service provides issuers with the tools to write additional rules to further refine risk decisioning capabilities.

To learn more about Visa Consumer Authentication Service or to sign up, issuers should contact their Visa account executive.

About Visa

Visa is a global payments technology company that connects consumers, businesses, financial institutions and governments in more than 200 countries and territories to fast, secure and reliable electronic payments. We operate one of the world's most advanced processing networks--VisaNet--that is capable of handling more than 24,000 transaction messages a second, with fraud protection for consumers and guaranteed payment for merchants. Visa is not a bank and does not issue cards, extend credit or set rates and fees for consumers. Visa's innovations, however, enable its financial institution customers to offer consumers more choices: pay now with debit, ahead of time with prepaid or later with credit products. For more information, visit www.corporate.visa.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24498
PUBLISHED: 2021-08-02
The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue.
CVE-2021-24503
PUBLISHED: 2021-08-02
The Popular Brand Icons – Simple Icons WordPress plugin before 2.7.8 does not sanitise or validate some of its shortcode parameters, such as "color", "size" or "class", allowing users with a role as low as Contributor ...
CVE-2021-24504
PUBLISHED: 2021-08-02
The WP LMS – Best WordPress LMS Plugin WordPress plugin through 1.1.2 does not properly sanitise or validate its User Field Titles, allowing XSS payload to be used in them. Furthermore, no CSRF and capability checks were in place, allowing such att...
CVE-2021-33526
PUBLISHED: 2021-08-02
In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the service.
CVE-2021-33527
PUBLISHED: 2021-08-02
In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM that won't be validated correctly and allows for an arbitrary code execution with the privileges of the service.