Wednesday, June 18, 2014
The report, Use of Consumer Authentication in eCommerce: Annual Survey, 2014, conducted jointly with The Fraud Practice LLC, surveyed card issuers, payment gateway operators, acquirers, other merchant service providers and merchants themselves. While a majority of payment service companies employ some type of 3D Secure online authentication, and most large merchants do likewise, the rest of the merchant population, especially in North America, apparently do not.
The report said 55 percent of merchants surveyed, a majority of which are U.S.-based, do not use online authentication, noting that North America is the only world region where less than half of merchants use the technology. And the reason so many U.S. merchants eschew consumer authentication is they see it as a "sales killer," according to the report.
"The main reason appears to be fear, uncertainty and doubt (FUD) about how consumer authentication will impact sales conversion and user experience," the report said. According to the survey, 43 percent of merchant respondents are FUD-preoccupied, with 20 percent concerned about the effect of the technology on sales conversion, 13 percent worried about changing the user experience and 10 percent simply want nothing to do with consumer authentication.
Beyond the FUD concerns, "there is also a very real perception with merchants and service providers that integration is long and difficult," the report said, adding that 21 percent of merchants who do not employ authentication cited the time and/or cost of integration as the barrier.
The solution to merchant adoption of some form of 3D Secure technology is education. The report said many FUD concerns are related to a "hangover effect" caused by bad experiences with previous iterations of consumer authentication. But the report provides evidence that the FUD factor can be overcome because of the "happiness factor" that authentication-using merchants express: 81 percent of merchant respondents showing satisfaction with the solutions they have employed.
The report said nearly half of merchants surveyed said authentication had no effect on sales conversion, either positive or negative; however, almost 20 percent believe it has had a positive effect on sales. The positive result seems to be related to merchants who use authentication selectively, on specific transactions rather than on all of them.
Additionally, the technology results in many merchants experiencing lower numbers of chargebacks. "Amongst merchants, 59 percent overall say the authentication program brought a decrease in chargebacks, and this is true for more than half of merchants from each geographic region," the report said.
Chandan Mukherjee, co-founder of payment consultancy and software provider PayCube Inc., is not surprised at CardinalCommerce's findings. "The adoption is very low because not many people understand it," he said. Additionally, online verification does retard the checkout process as a second screen pops up that consumers must navigate in order to proceed with the purchase, he noted.
However, these barriers can be overcome with education and simply getting people comfortable with the technology. "If we had this solution from day one on all e-commerce sites, today nobody would be complaining because people would be used to doing it," Mukherjee said.
It is a question of achieving ubiquity rather than taking a piecemeal approach to implementation. "It is a matter of if you do it at one place or every place," Mukherjee stated. "If you have to do it at only one location that makes that site really secure, you might say, 'You know what, this thing is a pain, man. It's asking too much information.' But if all sites ask the same question, you get used to it."
Consumer authentication is also something that requires buy-in from issuers, acquirers and merchants. "It is a participation solution where the issuer and the acquirer have to be participating in it," Mukherjee said. "If you are an e-commerce site and you are certified with Verified by Visa [the card brand's proprietary version of 3D Secure], if the card issuer has not embraced that, then the security will not happen."
Over time, Mukherjee has changed his opinion about the importance of online authentication. He believes the increasing number and frequency of breaches is slowly eroding consumers' trust in the safety of e-commerce. "And that's not good for anybody," he said. "It's not good for the whole ecosystem. … At some point people will come back and say, 'You know what? This is too risky to do online transactions with cards.'"
Before that point is reached, businesses should improve their online defenses, and consumer authentication is central to that defense, Mukherjee said. And with the U.S. payments infrastructure in the process of transitioning to the Europay/MasterCard/Visa (EMV) chip card standard at the physical POS, fraud in the United States will sharpen its focus on the less secure online channel.
"EMV will do a lot of good in terms of card present security," Mukherjee noted. "But it does not do anything for card-not-present [environments]. So how are we going to contain the online fraud? We have to go to a 3D Secure type solution "
Editor's Note:
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.