Transaction Security
H017WR70
H017WR70
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
CEO Interviews<br />
Michael Keresman, CardinalCommerce (cont.)<br />
“CCA is different<br />
because Cardinal<br />
is the only one in<br />
the market that<br />
provides this<br />
service or anything<br />
like it. The market<br />
essentially relies<br />
on two mutually<br />
exclusive parties<br />
to help take fraud<br />
out of the system.”<br />
How is Cardinal’s Consumer Authentication (CCA) service different from other providers in the marketplace?<br />
CCA is different because Cardinal is the only one in the market that provides this service or anything like it. The market essentially relies on<br />
two mutually exclusive parties to help take fraud out of the system. Merchants use fraud screening services and issuers use their version of<br />
risk mitigation technologies. Each of the parties attempts to assess which orders are “suspicious” and depending on their respective criteria,<br />
eliminates those orders. Merchants won’t submit their suspicious orders for authorization and issuers will not authorize orders that fall into<br />
their criteria of such.<br />
In the POS world, there are many specifics regarding a transaction: the store, POS terminal and the consumer can be identified fairly easily<br />
… but online, not so much. Remote commerce has inherent suspicions that the POS world does not have.<br />
The end result is both sides of the transaction (the merchant and the IB) grind down potential orders to the lowest common denominator of<br />
“good” orders, because their respective systems use mutually exclusive information and approaches. Good orders that the issuer might<br />
authorize are thwarted by the merchants’ fraud screening services, and orders from the merchant’s perspective that are “good” are not<br />
authorized by the issuer. Only CCA creates a collaborative approach in which there is visibility in how each side would treat the transaction,<br />
essentially increasing the authorization yield from the lowest common denominator of “good” orders to the highest common denominator of<br />
“good’ orders. Yet, and importantly, both sides still have veto power when the order is very suspicious. It may be easiest to understand this as<br />
a classic 2 X 2 matrix; yes/yes, yes/no, no/yes and no/no. In the yes/no and no/yes the respective “yes” side can decide to accept the<br />
transaction, whereas without this approach those orders would most likely be declined or not authorized.<br />
Both the merchants and issuers have a vested interest in ensuring “good” orders are not thwarted. Sometimes the merchant has the better<br />
vantage point in knowing what is good and other times the issuer does. CCA, more or less, creates a real-time arbitrage of determining the<br />
quality of an order with this collaborative approach.<br />
Why can’t acquirers, networks and issuers solve authentication / fraud problems themselves?<br />
The acquirers, networks and issuers are connected to each other through the authorization stream (authorize, capture and settle<br />
transactions) after the order begins to be processed. In the POS world, the authentication happens at the cash register, the card is verified<br />
and the consumer, if necessary, is authenticated prior to “swiping” the card. For remote transactions, there is not a way to validate the card<br />
(i.e. card swipe), nor authenticate the consumer, prior to requesting an authorization, without Consumer Authentication.<br />
Simply put, the vast and complex card processing system was designed to authorize, capture and settle payments for the face-to-face, or<br />
POS, world. The merchant is responsible in the POS world to authenticate the consumer is who he says he is. The merchant needed to figure<br />
out how to authenticate consumers for Card-Not-Present (CNP) commerce.<br />
That is where Cardinal comes in. With CCA, this challenge is successfully addressed by arranging a private session with the consumer’s<br />
funding source or IB, BEFORE there is a request to authorize the payment. There are literally billions of consumers, millions of merchants and<br />
thousands of issuing banks, and the permutations and combinations of merchant/bank processors, software/hardware systems and<br />
connectivity is almost beyond comprehension. Cardinal leverages 3DS, enables over 100 payment brands, harmonizing transactions through<br />
this maze.<br />
34