The tools build on the vast amount of information Google knows about consumers.
(Page 2 of 3)
Indeed, the simplicity of the programs is one of their strong points. “There is a challenge ahead of both of them to stimulate adoption, but this is definitely the right approach,” says James Van Dyke, founder and principal consultant with Javelin Strategies and Research, San Francisco. “Earlier approaches to offering secure payments over the Internet failed because they either required an arduous software installation or they were limited as to what types of computer systems they could operate on or they required too much work on the part of consumers.”
And outweighing concerns over abandonment is a bigger concern that a lot of consumers-as high as 40%-aren’t shopping online because they are afraid such purchases make them vulnerable to identity theft. Giving them added security is likely to bring more shoppers online and encourage shoppers who had limited their online purchases to a few retailers they trusted to expand their online shopping options. “There is no question that the volume of online retail purchases would be much higher if more consumers were comfortable with shopping online,” Van Dyke says.
Overall, Foster says, retailers are finding the programs effective in reducing fraud, but only if those retailers are using other methods to fight fraud as well. “Everyone is looking for a silver bullet that is going to solve all their problems and that just isn’t going to happen,” Foster says. “If you sign up for Verified by Visa and MasterCard’s SecureCode but don’t do anything else to effectively monitor your fraudulent transactions, it won’t do you any good. But as part of an overall fraud strategy, these programs can offer additional protection.”
The retailers’ perspective
But while Foster says Visa and MasterCard have oversold the program by claiming they will solve all or at least most of the problems retailers face with online fraud, executives of those card companies say their programs were never intended to be the sole answer to fraud. “We tell merchants that they need to take other steps as well to reduce the hacker attacks on their database,” Rutherford says. “We can help them develop the other tools they need to reduce their vulnerability.”
Because Verified by Visa has been in the market longer, more retailers have had sufficient experience with it to be able to point out the benefits and weaknesses, while MasterCard’s SecureCode is still viewed as an unknown. The reaction to Verified by Visa has been mixed.
One retailer impressed with the program is Joseph Parker, director of loss prevention of GoodGuys.com, an online seller of electronics. While the retailer had to temporarily suspend the program due to implementing changes in the site’s database software, Parker says, “We can’t wait to get back on board.”
Unlike other retailers, GoodGuys.com hasn’t had a problem with limited consumer use. “When we first went live, only about 5% to 10% of our sales transactions were coming across with Verified by Visa. But within a week, we were up to 30% and were up to 50% on some days.”
GoodGuys.com has had no evidence of customer abandonment and customer feedback has been positive, Parker says. Most important, Good Guys finds it can spend less time investigating the Verified by Visa transactions than others. “It makes our job easier,” Parker says. “When we see that Verified by Visa seal, we know it doesn’t have to be scrutinized as thoroughly.”
Less enamored with the program is Les Schwartz, president of AIM Marketing, which sells investment books and services online. He likes the concept of the program but has found so few of his customers have cards registered for the program that the effect is negligible.
All or nothing
“I’d love for this program to work, but it has to be all or nothing,” Schwartz says. “If I can’t insist that all my customers use this-and most of them have cards through banks that aren’t even participating-then it is worthless to me.” Schwartz was further frustrated when he tried to sign up several of his own personal credit cards and found the issuers were not participating.
In the middle is Sofia Volpov, president of 1010Tires.com Inc. While Volpov says Verified by Visa overall has been “useful” and that 50% to 60% of total sales orders are coming across with the Verified by Visa seal, it hasn’t been without problems.
1010Tires has used the program to prevent instances of outright fraud-such as several situations where criminals tried to use cards that were registered but were prevented from making a purchase when they didn’t know the password.
But Volpov says problems still result when issuers give a lot of “qualified” approvals. Volpov says when she gets a Code 5 notification from a card issuer, the transaction is approved unconditionally. But she says she often gets Code 6, which indicates the transaction is somewhat vulnerable to problems. “The problem is that we get way too many Code 6s and not enough Code 5s,” Volpov says.
McCarthy, however, explains that Code 6 is most likely an indicator that the cardholder has not registered and used a password, and while Visa and issuers want to get more Code 5s than Code 6s, the important thing to the merchant is that they get full liability protection and lower interchange with either authorization.
Another retailer reports that while his company has evidence that more customers are using the program to shop online, the effectiveness of the program has been tarnished by instances where approvals were denied by issuers that did not have correct information. In several such cases, issuers have used old files without the correct addresses and as a result, denied approvals because the addresses didn’t match.
Furthermore, notes Litan, the Gartner consultant, for these programs to succeed, issuers need to train their staffs thoroughly. She recounts calling her card issuer to question an online purchase that appeared on her own statement. When she explained that her card was protected by Verified by Visa, the employee she spoke to did not know what Verified by Visa was. “This has the potential to be a great service, but issuers have to make sure everyone in their organization knows about it and gets behind it,” she says.