Women’s clothing brand Roman Originals has been inundated by calls since the photo became the center of an online debate.
(Page 3 of 4)
Certegy’s database consists of 200 million consumer records, including information about individual’s check writing histories. “We provide a high level of security without going to the extreme of collecting something like a Social Security number,” Whitfield says.
While processors like TeleCheck and Certegy offer proprietary authorization solutions, others offer them on an outsourced basis, usually as part of a package. Paymentech, for instance, introduced its En Garde suite of products in the middle of last year. It offers address verification, authorization through iShopSecure Inc. and Experian, capture of card verification values, fraud scoring through a partnership with Fair, Isaac & Co. Inc., and others. “It’s an easier deployment for the merchant to come through us than to go to fraud services companies directly,” Shirey says. “We can handle all the activities related to a transaction and return one simplified response.”
Similarly, AmeriNet uses outside databases, including Certegy’s. And GO Software, which has marketed to stores since 1991 and e-retailers since 2000, prefers to leave the security functions to others. “We’ve taken the position that rules-based verification is so customized to the merchant that it does not belong in the payments processing piece of the transaction,” says GO Software’s Abruzzio, who notes that GO was an early adopter of card verification values in its payments processing software. “There are a lot of third-party vendors who have that capability and the very big e-retailers have developed their own in-house rules-based systems. Our core competency is payments. Rules-based verification is an auxiliary function of the payments process that other people in the market can do very well.”
In addition to authorizing against databases, some processors have sought to apply intelligence to their authorization decisions. For instance, First National has purchased pre-authorization rules-based security technology from Clear Commerce Corp. and brought the product in house as part of the PayFuse product. Called Fraud Shield, this layer of security allows merchants to customize rules-based transaction screening to fit each one’s type of business, financial requirements and credit policies. It was fully implemented last May, and 420 merchants have converted to it, including 90% of new merchant business First National has signed in the last year. First National is working on converting the balance of existing merchants.
“Bringing the rules-based technology in house allowed us to gain full control of the transaction,” Renzulli says. “It allows us to know where the transaction stands at any point, and it gives us full reporting of what happened to the transaction from the point of entry to depositing of funds in the bank. Having this in-house capability is a major point of distinction between us and our competitors. And the big difference is that we can offer our merchants a more tailored security solution, rather than having to offer a one-size-fits-all service.” It also is implementing a fraud analyzer, also developed by Clear Commerce, that employs neural network technology that scores a transaction for risk based on a computer analysis of more than 20 million chargeback transactions in the cardholder-not-present environment.
Notwithstanding merchants’ reluctance to place another step in customers’ checkout paths or the availability of sophisticated, passive authorization systems, MasterCard and Visa are promoting verification processes by which customers identify themselves with a password at checkout. The bank card associations’ pitch to merchants is that they will relieve merchants of all liability for fraudulent transactions that are completed by customers using MasterCard SecureCode and Verified by Visa systems, as these programs are known.
A defining moment
The systems work like this: Visa and MasterCard issuing banks that sign up to participate in Verified by Visa and MasterCard SecureCode allow their cardholders to choose passwords to use at checkout. Meanwhile, merchant banks sign up merchants to install code to prompt cardholders to input their passwords. On transactions where a customer enters the password and the bank approves the transaction, the merchant incurs no fraud liability.
The program is new enough that merchants aren’t reporting a lot of use or the effect usage has had on their fraud liability. Opinion is mixed as to whether merchants and consumers will go for the program. On the one hand, some merchants and merchant transaction acquirers are attracted to the protection provision. On the other hand, merchants fear that adding a step to checkout will hinder sales.
Shirey of Paymentech characterizes as “a defining moment in payment history” a rule change by Visa coming in April. Under that new rule, a merchant will incur no liability if he attempts to obtain authorization on a Verified by Visa transaction but is unable to do so due to the issuing bank’s failure to respond due to technical reasons, such as a system or network being down. For Visa to require the issuer to take the liability is a radical change in how the bank card associations have done business. “That’s a huge shift,” Shirey says. At the same time, though, he notes, it may not be enough to entice merchants to embrace Verified by Visa. “In our discussions with merchants, adding another step is a very real issue,” he says. “They don’t want anyone interfering with the shopping experience.” As a result, he adds: “Merchants to date have not knocked on our doors in droves over for this.”
Part of the low demand is the result of little marketing thus far, some processors say. While Visa has promoted Verified by Visa to top-tier retailers and has undertaken a consumer ad campaign, the program has registered very little so far, says Abruzzio of GO Software. “It hasn’t penetrated anything beyond the top-tier e-merchants,” he says. “A lot of second- and third-tier merchants haven’t even heard about it, and there has been no data to show its economic benefit. It’s so new you haven’t seen much yet from Visa on how it’s working in the market.”