Cyber Defense eMagazine December 2019
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group with Pierluigi Paganini, Yan Ross as International and US Editors-in-Chief and many more hard working amazing contributors!
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group with Pierluigi Paganini, Yan Ross as International and US Editors-in-Chief and many more hard working amazing contributors!
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
26<br />
The major difference is the addition of a risk-based authentication (RBA) engine. Through effective riskbased<br />
data modeling, the protocol removes the consumer from the equation and subsequently sets the<br />
stage for a vastly improved experience. The only caveat aside from user experience, is that RBA brings<br />
its own set of complexities which should not be overlooked.<br />
The Trials and Tribulations of a Data Overload<br />
As with any model, the more data that can be collected, the better. In 3-D Secure’s case, merchants can<br />
share much more data than before, which ultimately allows issuers to improve their authentication models<br />
over time. The benefit is that when CNP transactions are evaluated with better accuracy, there is less<br />
friction in the purchasing process for the consumer as more transactions are authorized out of sight.<br />
Getting to the point where an improved customer experience is delivered can be the challenge in itself.<br />
To start, there are four different types of data that can be shared: transaction and consumer data,<br />
authentication data, merchant data, and device data. Moreover, not all data points are required or<br />
conditional, meaning merchants can choose what, if anything, they want to pass on to the issuer. Risk<br />
models are developed based on the expectation of access to specific types of information. When that<br />
information is not shared or is incomplete, the model is rendered useless.<br />
The Merchant’s Role in Preventing Skewed Results<br />
There is a disconnect between merchants and issuers that also must to be addressed in order to improve<br />
outcomes across the entire ecosystem. The fees of sending e-commerce transactions through 3-D<br />
Secure are more expensive, meaning there is little or no incentive to do so outside of those transactions<br />
that are already viewed as suspicious or high risk.<br />
In this instance, the model is being fed skewed data, which limits its capabilities in preventing instances<br />
of fraudulent transactions. Issuers therefore need to put a bigger emphasis on helping merchants<br />
envision the long term value of this added cost. In a perfect world where merchants send all their<br />
transactions through 3-D Secure, there would be a reduction in system-wide fraud, false positives,<br />
checkout times and cart abandonment – all cost-effective benefits that lead to higher profits and brand<br />
loyalty for merchants and banks.<br />
We still have a long way to go until merchants are entirely on board, but in the meantime issuers need to<br />
tune their authentication models correctly. There are ways to navigate the unknowns regarding data<br />
collection, one being to create different models for various types of vendors and using them<br />
interchangeably. If an issuer is willing to deploy sophisticated machine learning algorithms, another option<br />
is to create a flexible model that can adapt given the type of data it ends up receiving. Whatever issuers<br />
decide, they definitely have their work cut out for them, but the benefits of 3-D Secure are too valuable<br />
to pass up in the face of a constantly evolving battle against fraud.