South African e-commerce protests credit-card companies’ Fraud detection system

Tuesday, 06/08/2013 | 00:00 GMT by Adil Siddiqui
South African e-commerce protests credit-card companies’ Fraud detection system

Tension rises as SA online merchants unite against the enforcement of Visa and MasterCard’s 3D Secure, fraud detection system, owing to predicted sales losses.

Several online merchants, including Groupon South Africa, have come together as the Opposition to Credit Card Fraud Alliance (OCFA) against newly enforced bank Regulation for anti-fraud measures (3D Secure): the bank requests a password from the end-user in order for the bank to ensure that the end-user is the legitimate card-holder behind the purchase.

This seems to be an important step in fraud prevention, however, the OCFA insists that the system is not beneficial for various reasons, one being, that loss in sales is an inevitable outcome. It offers support for the prevention of crime in the online space but expresses apprehension with regards to challenges and weaknesses that this particular system brings to South African e-merchants and suggests that some minor changes could make a big difference.

In its address to the Payments Association of South Africa (PASA), the following concerns were raised:

    • Many credit cards cannot, technically, be registered with 3D Secure which leads to the exclusion of consumers.
    • Some credit card companies like American Express and Diners Club, do not use 3D Secure and would not be verifiable.
    • Many merchants have spent heavily on their own fraud detection systems which are more effective.
    • The experience of transacting through the 3D Secure web interface is not considered to be a good one.
    • Online auction companies and group buying websites do not settle all payments since either the tipping point or the minimum bid is not achieved. Because 3D Secure is not able to differentiate between auth and settle (authentication and settlement), these types of businesses would not work.
    • Merchants using 3D Secure have noted many drop-offs in their transaction logs.
    • 3D Secure does not always align with mobile apps.
    • If the system is enforced, merchants may choose to move to international acquiring banks which would harm the South African economy and these merchants will have an unfair advantage over other online providers.
    • The public has not been educated about the system.

The banks, however, stand by 3D Secure, including Jacques Celliers, CEO of FNB (First National Bank) Business Banking, who despite the OCFA’s comment about lack of education, is reported saying: “The solution has been enabled for a number of years now allowing sufficient time for all parties to have their operations aligned and for customers to have become familiar with, both the registration processes that each of their banks offer, as well as the actual online shopping verification processes”. He also indicates that there is little to be done regardless of expressed grievances: “While we always listen to suggestions and try assist retailers as much as possible to deal with changes, FNB is unfortunately not in a position to go against industry mandated rules, and take matters that affect the security of card holder data very seriously”.

While the OCFA does not want to take the grievance too far, it says that if necessary, the group will go to the Competition Commission with the claim that Diners Club and American Express cards would not be verified. In addition, the fact that FNB’s PayPal service does not make use of 3D Secure is something that OCFA believes to be problematic, given the potential benefits for FNB.

Image courtesy of Wikimedia Commons

Tension rises as SA online merchants unite against the enforcement of Visa and MasterCard’s 3D Secure, fraud detection system, owing to predicted sales losses.

Several online merchants, including Groupon South Africa, have come together as the Opposition to Credit Card Fraud Alliance (OCFA) against newly enforced bank Regulation for anti-fraud measures (3D Secure): the bank requests a password from the end-user in order for the bank to ensure that the end-user is the legitimate card-holder behind the purchase.

This seems to be an important step in fraud prevention, however, the OCFA insists that the system is not beneficial for various reasons, one being, that loss in sales is an inevitable outcome. It offers support for the prevention of crime in the online space but expresses apprehension with regards to challenges and weaknesses that this particular system brings to South African e-merchants and suggests that some minor changes could make a big difference.

In its address to the Payments Association of South Africa (PASA), the following concerns were raised:

    • Many credit cards cannot, technically, be registered with 3D Secure which leads to the exclusion of consumers.
    • Some credit card companies like American Express and Diners Club, do not use 3D Secure and would not be verifiable.
    • Many merchants have spent heavily on their own fraud detection systems which are more effective.
    • The experience of transacting through the 3D Secure web interface is not considered to be a good one.
    • Online auction companies and group buying websites do not settle all payments since either the tipping point or the minimum bid is not achieved. Because 3D Secure is not able to differentiate between auth and settle (authentication and settlement), these types of businesses would not work.
    • Merchants using 3D Secure have noted many drop-offs in their transaction logs.
    • 3D Secure does not always align with mobile apps.
    • If the system is enforced, merchants may choose to move to international acquiring banks which would harm the South African economy and these merchants will have an unfair advantage over other online providers.
    • The public has not been educated about the system.

The banks, however, stand by 3D Secure, including Jacques Celliers, CEO of FNB (First National Bank) Business Banking, who despite the OCFA’s comment about lack of education, is reported saying: “The solution has been enabled for a number of years now allowing sufficient time for all parties to have their operations aligned and for customers to have become familiar with, both the registration processes that each of their banks offer, as well as the actual online shopping verification processes”. He also indicates that there is little to be done regardless of expressed grievances: “While we always listen to suggestions and try assist retailers as much as possible to deal with changes, FNB is unfortunately not in a position to go against industry mandated rules, and take matters that affect the security of card holder data very seriously”.

While the OCFA does not want to take the grievance too far, it says that if necessary, the group will go to the Competition Commission with the claim that Diners Club and American Express cards would not be verified. In addition, the fact that FNB’s PayPal service does not make use of 3D Secure is something that OCFA believes to be problematic, given the potential benefits for FNB.

Image courtesy of Wikimedia Commons

About the Author: Adil Siddiqui
Adil Siddiqui
  • 1625 Articles
About the Author: Adil Siddiqui
  • 1625 Articles

More from the Author

FinTech

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}