Main | Admin

« | »

Time to use Verified by Visa and MasterCard SecureCode?

jjensen | 09 May, 2006 08:54

My picture!

The Verified by Visa and MasterCard SecureCode programs have not really caught on with cardholders or merchants since their introductions in 2001. The programs were designed to increase both cardholder and merchant confidence in Internet purchasing and reduce disputes and fraudulent activity related to card use.

Since the liability shift from acquirers to issuers for fraudulent card use became effective, however, the programs have provided real value for merchants. For merchants to use Verified by Visa and SecureCode on their e-commerce sites, they must purchase a simple plug-in software module that determines cardholder participation in the service and establishes an Internet connection.

This enables issuers to authenticate cardholders. The implementation process for merchants was at first somewhat complex, but today the various vendor solutions have made it much easier.

The card Associations have marketed Verified by Visa and SecureCode to increase cardholders' confidence in making more online purchases, but the programs really do nothing for cardholders.

In fact, they may take away some of the cardholders' chargeback rights because the issuers cannot pass on the loss to the acquirers and are less likely to credit cardholders when the funds come from the issuers.

The card Associations' zero liability policies have already virtually eliminated consumer liability in cases of card fraud for all transactions.


More for merchants

The programs do a lot for online merchants, though, especially now with lower rates for Verified by Visa and SecureCode transactions. When properly used, the programs eliminate chargebacks for fraudulent transactions. The risk of loss remains with issuers. This is a huge benefit to acquirers and online merchants who have been plagued with "I didn't do it" chargebacks, such as:

  • Visa Reason Code 83: Fraudulent Transaction-Card Absent Environment
  • Visa Reason Code 75: Cardholder Does Not Recognize Transaction
  • MasterCard Reason Code 37: No Cardholder Authorization.

Free network vulnerability scans

To make it easier for merchants to understand, adopt and comply with the Payment Card Industry (PCI) Data Security Standard, MasterCard recently announced the global availability of free network scans for merchants.

Scanning is one of the steps required for many merchants to achieve compliance with PCI. This offering by select companies will allow merchants to learn more about network vulnerabilities and how they can improve network security and achieve PCI compliance. (Go to www.mastercardsecurity.com to find links to the participating security companies.)

Merchants have been slow to adopt Verified by Visa and SecureCode primarily because of the added cost and because of the fear of lost sales due to consumer abandonment before finalizing the transaction.

The true measure should be the merchants' net income rather than the gross sales. Many abandoned sales are fraudulent transactions anyway. The savings from reduced chargebacks and fees and lost product and the new interchange discounts may offset the merchants' upfront expense and extra cost for the services. Both card Associations have a lot of information available on their Web sites that ISOs and MLSs can review to learn more about the programs and to find information helpful to their merchants. Visit:

usa.visa.com/business/accepting_visa/ops_risk_management/vbv.html

www.mastercard.com/us/merchant/security/what_can_do/SecureCode/index.html

Payment Processing :: Comment (0) :: Permalink :: Trackbacks (0)