Visa pushes for two-factor authenticated transactions

Payment technology company Visa is attempting to drive Australian uptake of its 3-D Secure offering, which adds more security to online payment transactions to reduce credit card fraud.

Last month, a joint strike force took down a counterfeit credit card manufacturing operation in Sydney, New South Wales, potentially stopping AU$5 million in fraudulent transactions. But what has Visa worried is the increase in online fraud, which is categorised as "card not present" frauds. This makes up 71 per cent of credit card fraud that is committed in Australia.

A recent report (PDF) by the Australian Payments Clearing Association showed that credit card fraud is up 50 per cent annually, with online shopping a big driver of the upward trend.

"[Online fraud] is growing at a really rapid rate, and Australia, uniquely in Asia-Pacific, did suffer over the last 12 to 18 months of being targeted by quite a number of international fraud rings," Visa Asia-Pacific director of e-commerce, Justin Roche, said at CA Technologies' CA Expo in Sydney today.

Curbing fraud relies on implementing prevention, protection and response measures, according to Visa, and adding layers of security into online credit card transactions is a good way to approach fraud management, Roche said.

Visa is heavily pushing its 3-D Secure technology, an XML-based protocol invented by the company for online credit card transactions. Online merchants can implement 3-D Secure, which is hosted by the bank of their choice, at their websites' backend for "high risk" transactions. Customers who are registered with the Verify By Visa or MasterCard SecureCode program will receive a one-time password that is sent to their mobile phones to punch in during the payment process.

Online ticket vendor Moshtix implemented 3-D Secure late last year and has seen instances of payment fraud decrease.

According to Roche, there is a AU$500 to AU$1000 initial set-up cost for the 3-D Secure merchant plug-in, and a small transactional fee charged at the payment gateway is managed by the banks for every authenticated transaction.

The cost to implement 3-D Secure is relatively low, but despite having existed for some time, less than 10 per cent of online merchants registered with Visa in Australia have adopted the technology, according to Visa. Adoption rate for 3-D secure in China and India is around 25 to 50 percent.

"What we need to recognise is Australia is becoming a target for a lot of those fraud rings, because we have high levels of online merchant capability, high credit levels on our cards, but at the moment, we still have low levels of penetration for merchants picking up 3-D Secure," Roche said. "It's really important for us that cardholders signing up to 3-D Secure, as well as merchant,s will enable the whole [payment] industry to be more protected as we move forward."

Visa is looking to make it mandatory for certain categories of online merchants to take up 3-D Secure to drive adoption rates. The company is also working with banks to have more customers on the Verify By Visa program.

"Some of the merchants were getting a little annoyed about Visa or the banks asking people to enrol to the program at the point of purchase ... [and] that shouldn't happen," Roche said. "We are now advocating all the banks to automatically enrol their customers and, in some circumstances, high-risk customers to be enrolling in 3-D Secure if they have opted out previously."