Security Experts:

Visa To Implement Risk-based Transaction Analysis

In order to combat e-commerce fraud and related crimes, Visa announced on Monday that it would be adding risk-based analysis to its information products line. The new layer of defense will support the Three Domain (3-D) secure program, which includes Verified by Visa, and is available now.

They’re calling it the Visa Consumer Authentication Service, and it authenticates the customer prior to the authorization process in order to add an additional layer of fraud protection. As the checkout process begins online, a real-time risk assessment is taken based on numerous inputs including device and transaction information and historical spending patterns.

Visa Encryption Service“Because the solution only prompts consumers for verification of the riskiest transactions, most consumers will have a streamlined authentication process when using Verified by Visa,” said Silvio Tavares, head of global information products for Visa Inc.

The result is that issuers can complete lower-risk e-commerce transactions without requiring consumers to go through the extra step of entering their passwords or other verification.

Visa Consumer Authentication Service's risk-scoring model takes into account enhanced inputs, including critical information about the device, transaction information and spending profiles.

It supports a wide range of account holder authentication methods, including dynamic methods such as one-time passwords or hardware tokens. Moreover, it can be integrated to function through a range of devices including mobile phones and tablets, and issuers will have the tools needed in order to further define risk roles.

Existing issuers are asked to contact their Visa representative for more information.

In April, Visa announced "Visa Strategy Manager", a solution designed to help financial institutions create and implement strategies for identifying and stopping fraudulent transactions in real-time at the checkout.

The company also has new encryption service (Visa Merchant Data Secure with Point-to-Point Encryption) on the way for acquirers and their merchants that will help to better secure payment card data. That solution is scheduled to be available in early 2013, Visa said.

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.