Presentation is loading. Please wait.

Presentation is loading. Please wait.

Guaranteed Payments for E-Commerce Transactions A New, Universal Solution from MasterCard MasterCard Proprietary Mark Patrick Vice President - Interactive.

Similar presentations


Presentation on theme: "Guaranteed Payments for E-Commerce Transactions A New, Universal Solution from MasterCard MasterCard Proprietary Mark Patrick Vice President - Interactive."— Presentation transcript:

1 Guaranteed Payments for E-Commerce Transactions A New, Universal Solution from MasterCard MasterCard Proprietary Mark Patrick Vice President - Interactive Services MasterCard International

2 Guaranteed Payments Increased Consumer Confidence and Spending Security in Cross-Border Transactions MasterCard Proprietary

3 E-Commerce Market Challenges Fear of fraud remains barrier to converting online browsers to online shoppers Fear of fraud remains barrier to converting online browsers to online shoppers Consumer Internet purchases generally restricted to domestic marketplaces Consumer Internet purchases generally restricted to domestic marketplaces Consumers

4 Issuers E-Commerce Market Challenges Mounting costs from processing online chargeback disputes Mounting costs from processing online chargeback disputes Higher decline rates for online transactions Higher decline rates for online transactions –Lessened revenue Consumer confidence in online channel affected by stream of fraud reports in media Consumer confidence in online channel affected by stream of fraud reports in media

5 Merchants and Acquirers E-Commerce Market Challenges No guarantee of payment for merchant No guarantee of payment for merchant –Online chargebacks growing –Bears all risk for non-signature based transactions –Online fraud losses mounting Lack of consistent mechanism to authenticate the buyer to the seller Lack of consistent mechanism to authenticate the buyer to the seller –Privacy laws restrict use of authentication tools –High accountholder decline rate – limits activity, especially for cross-border transactions

6 6 *Source: INET Reports, 4th Quarter 2000 Findings As a result, merchant chargeback expenses for online transactions are increasing As a result, merchant chargeback expenses for online transactions are increasing “Reason code 37” chargebacks now represent as much as 84%* of all e-commerce chargebacks “Reason code 37” chargebacks now represent as much as 84%* of all e-commerce chargebacks Chargeback Purchase

7 Introducing... UCAFSPA

8 8 Consumer Rationale Consumer Rationale  “Secure” is reassuring and strong.  “Code” is secret, private and stronger than “password”

9 9 SecureCode Objective Fully Guaranteed Transactions Proposal is to eliminate RC 37 “Fraudulent Transaction - No Cardholder Authorization” chargebacks for any electronic/mobile commerce transaction that is processed and authorized in accordance with all of the elements of the guaranteed transaction model by both the issuer and the merchant/acquirer Proposal is to eliminate RC 37 “Fraudulent Transaction - No Cardholder Authorization” chargebacks for any electronic/mobile commerce transaction that is processed and authorized in accordance with all of the elements of the guaranteed transaction model by both the issuer and the merchant/acquirer

10 10 Why Fully Guaranteed Transactions  Extend the MasterCard guarantee of payment from the physical POS to new points of interaction  Increase consumer confidence in new channels  Improve acceptance and preference for MasterCard at remote points of interaction  Reduce chargebacks and fraud  Increase overall electronic/mobile commerce transactions, approval rates, and GDV

11 MasterCard SecureCode Components

12 12 Objective: Universal Cardholder Authentication Field (UCAF TM ) Collect and transport an indisputable electronic receipt that binds the accountholder to a unique transaction and provides the basis for a guaranteed transaction Collect and transport an indisputable electronic receipt that binds the accountholder to a unique transaction and provides the basis for a guaranteed transaction

13 13 UCAF Solution Overview Establishes one interoperable and standardized data transport infrastructure for all secure online and wireless payments, including both credit and debit Establishes one interoperable and standardized data transport infrastructure for all secure online and wireless payments, including both credit and debit Offers a universal method of collecting accountholder authentication data at the merchant virtual point-of-sale Offers a universal method of collecting accountholder authentication data at the merchant virtual point-of-sale Provides the infrastructure for transporting accountholder authentication data from merchants, acquirers, networks to an issuer Provides the infrastructure for transporting accountholder authentication data from merchants, acquirers, networks to an issuer

14 14 UCAF Solution Overview UCAF consists of two components, a series of discreet, hidden fields: UCAF consists of two components, a series of discreet, hidden fields: –UCAF Data Infrastructure –UCAF Authentication Data Field Interacts with a wide variety of issuer security schemes including, MasterCard’s Secure Payment Application (SPA) Interacts with a wide variety of issuer security schemes including, MasterCard’s Secure Payment Application (SPA)

15 15 Merchant Name Card Acceptor City Card Acceptor State / Country Code Currency Code Sale Amount Merchant Transaction Stamp UCAF Authentication Data Field UCAF Enabled UCAF Brand Carries security token The UCAF Authentication Data Field is first among equals in the UCAF data infrastructure UCAF Data Infrastructure

16 16 Acquirer UCAF data (unaltered) UCAF data (unaltered) MerchantIssuer Acquirer UCAF Components Merchant point of sale (POS) interface passes the UCAF authentication data Merchant point of sale (POS) interface passes the UCAF authentication data Acquirer systems collect and pass UCAF data Acquirer systems collect and pass UCAF data Acquirer systems must support DE48, the expanded sub- element 42 and the new sub-element 43 Acquirer systems must support DE48, the expanded sub- element 42 and the new sub-element 43

17 Acquirer UCAF Environment Issuer Accountholder Merchant Name Card Acceptor City Card Acceptor State/Country Code Currency Code Sale Amount MTS (optional) UCAF Authentication Data Field Account Number Expiration Date CVC2 UCAF Enabled UCAF Brand Present, Collect, Pass Issuer-Defined Security Token carried via UCAF Authentication Data Field Accountholder shops with an Issuer defined security solution that uses the UCAF structure Issuer validates and authorizes defined security token The UCAF Environment Merchant

18 18 Merchant Responsibilities Update website to include UCAF hidden data fields Update website to include UCAF hidden data fields Evaluate server capabilities Evaluate server capabilities Contact your transaction processor to arrange UCAF support Contact your transaction processor to arrange UCAF support

19 19

20 MasterCard SPA  Using the UCAF Infrastructure

21 21 What is SPA? Secure Payment Application Secure Payment Application MasterCard’s preferred issuer-based security scheme for remote transactions MasterCard’s preferred issuer-based security scheme for remote transactions Utilizes the UCAF data transport infrastructure to provide an effective online consumer authentication tool Utilizes the UCAF data transport infrastructure to provide an effective online consumer authentication tool

22 22 What is SPA? SPA defines the protocols, messages, message formats, and data requirements for an overall issuer-centric remote security solution SPA defines the protocols, messages, message formats, and data requirements for an overall issuer-centric remote security solution Based on MasterCard IPR, SPA is licensed separately to vendors as well as end users (members) to work in conjunction with existing infrastructures, like wallets or pseudo account schemes Based on MasterCard IPR, SPA is licensed separately to vendors as well as end users (members) to work in conjunction with existing infrastructures, like wallets or pseudo account schemes Vendor solutions will go through a SPA and UCAF certification process Vendor solutions will go through a SPA and UCAF certification process

23 23 How Does SPA Work? An issuer’s SPA enabled server generates a unique security token—similar to a signed electronic receipt— called an Accountholder Authentication Value or AAV An issuer’s SPA enabled server generates a unique security token—similar to a signed electronic receipt— called an Accountholder Authentication Value or AAV It populates the UCAF infrastructure at the merchant pay page and is transported back to the issuer for verification during authorization It populates the UCAF infrastructure at the merchant pay page and is transported back to the issuer for verification during authorization SPA enabled transactions can be recognized through the use of unique control bytes assigned and managed by MasterCard SPA enabled transactions can be recognized through the use of unique control bytes assigned and managed by MasterCard

24 SPA Environment SPA Server 1) Accountholder fills out Merchant Pay Page 2) SPA solution detects hidden fields on merchant payment page 3) SPA solution launches 5) SPA solution populates hidden UCAF data field with AAV 6) AAV passed unaltered via UCAF data field to Acquirer 4) Accountholder is verified by Issuer SPA server 7) Acquirer passes AAV via UCAF data field unaltered to payment network -Generate and store AAV data -Validate AAV during authorization authorization 8) AAV validated by SPA server The SecureCode Environment Acquirer UCAF Environment Issuer with SPA server Accountholder with SPA solution Merchant

25 *********

26 MasterCard Solutions for Issuer and Acquirers

27 27 Solutions For Issuers - Options Build an in-house solution for SPA and 3D Secure Outsource to a third party –“Verified by Visa” –MasterCard’s Managed Service for SPA & 3D –Others: e.g. Cyota

28 28 Solutions For Issuers - Options (cont.) Build an in-house solution for SPA and 3D Secure Difficult to build the business caseDifficult to build the business case Uncertain environmentUncertain environment Expensive to maintainExpensive to maintain More controlMore control

29 29 Solutions For Issuers - Options (cont.) Outsource to a third party –“Verified by Visa” –MasterCard’s Managed Service for SPA & 3D –Others like: e.g. Cyota MasterCard’s Managed Service provides a local solution for all your cardholdersMasterCard’s Managed Service provides a local solution for all your cardholders Very cost effectiveVery cost effective

30 30 Objectives of Managed Service Remove financial barriers to implementing SPA - improved business case - significantly reduces chargeback costs Provide flexible platform for bank branded services Support multiple authentication methods as required - SPA - 3D-Secure Complimentary to MIGS service

31 31 Maestro Module 3-D Secure Module SPA Module Future Protocols ActiveAccess Authentication Engine Cardholder Applet Cardholder Browser Cardholder Mobile Device Cardholder Plug-in (Chip) Cardholder Access Method Multiple Standards - One Issuer Solution

32 AAV Verification Module HSM Issuer Authorization Host Data Upload Module Issuer’s Existing Card Management System Cardholder Data MIP/ VAP Acquirer Host/ Switch/ Gateway Internet Payment Gateway Merchant Web Storefront MPI Browser SPA Applet Visa Directory Server SPA Applet Download Server Download Server Cardholder Enrollment Cardholder Authentication Data HSM Batch Browser Download Enrollment Enrollment/ Download Shopping Issuer Administration and Registration UCAF SPA Module (AAV generation) 3D Secure Module (ACS) ACTIVE ACCESS SERVER BankNet/VisaNet MasterCard APC Issuer’s Datacenter

33 33 MIGS MIGS is a turn key payment gateway, that significantly reduces the complexity and costs of acquiring, enabling, supporting and processing for Card Not Present merchants. MIGS is a turn key payment gateway, that significantly reduces the complexity and costs of acquiring, enabling, supporting and processing for Card Not Present merchants. MIGS leverages the Bank’s existing transaction processing connectivity to MasterCard’s Banknet ® Global Network. MIGS leverages the Bank’s existing transaction processing connectivity to MasterCard’s Banknet ® Global Network. Solutions for Acquirers

34 34 Why MIGS for the Member Bank ? Banks lack business case yet face losing Merchants Banks lack business case yet face losing Merchants MIGS takes investment risk away from Member Bank MIGS takes investment risk away from Member Bank Outsourcing with benefits of in-house and more Outsourcing with benefits of in-house and more MIGS is quicker to market (2 months instead of 12) MIGS is quicker to market (2 months instead of 12) Much lower cost and off balance sheet! Much lower cost and off balance sheet! MIGS is a high value added service… from MasterCard to its Member Banks

35 MIGS Architecture MIGS Authenticated with Digital Certificate BANKNET Banks and Card Schemes Integrated MIGS Payment Solution Merchant/Enterprise/ Portal Server(s) Online Store - - E-commerce - - M-commerce - - T-commerce Call Center - - Telesales - - IVR Electronic BillPresentment Business Systems - - ERP - - CRM E-ProcurementPortal Internet & Private Digital Order (DO) Digital Receipt (DR) Merchant Administration and Reporting Subsequent Transactions - - Capture / Refund - - Reconciliation - - Enquiries & Reports

36 36 MERCHANT WEB Site RSC Cardholder MIGS Payment Server MIGS - Switch to Issuer 5 Acquirer Issuer

37 MasterCard Guaranteed Payment Milestones

38 Implementation Timeline 1 April April 2002  Issuers and Acquirers Support System Requirements 1 November November 2002  Liability shift for full UCAF authorizations –Rules changes for Chargeback Reason Code 37 become effective for electronic and mobile commerce fully guaranteed transactions –No liability shift for issuers that do not populate the UCAF field 1 April April 2003  Proposed Asia Pacific liability shift 1 April April 2003  Determine position on global liability shift MasterCard Proprietary

39


Download ppt "Guaranteed Payments for E-Commerce Transactions A New, Universal Solution from MasterCard MasterCard Proprietary Mark Patrick Vice President - Interactive."

Similar presentations


Ads by Google