A recent CardinalCommerce survey said 82 percent of e-commerce merchants who do not employ a consumer authentication solution are afraid that such solutions will scare off online shoppers. But with more and more fraud expected to migrate online in the coming years, the payments industry needs to do a better job of informing merchants why authentication in the card-not-present realm is crucial to data security.
The report, Use of Consumer Authentication in eCommerce: Annual Survey, 2014, conducted jointly with The Fraud Practice LLC, surveyed card issuers, payment gateway operators, acquirers, other merchant service providers and merchants themselves. While a majority of payment service companies employ some type of 3D Secure online authentication, and most large merchants do likewise, the rest of the merchant population, especially in North America, apparently do not.
The report said 55 percent of merchants surveyed, a majority of which are U.S.-based, do not use online authentication, noting that North America is the only world region where less than half of merchants use the technology. And the reason so many U.S. merchants eschew consumer authentication is they see it as a "sales killer," according to the report.
"The main reason appears to be fear, uncertainty and doubt (FUD) about how consumer authentication will impact sales conversion and user experience," the report said. According to the survey, 43 percent of merchant respondents are FUD-preoccupied, with 20 percent concerned about the effect of the technology on sales conversion, 13 percent worried about changing the user experience and 10 percent simply want nothing to do with consumer authentication.
Beyond the FUD concerns, "there is also a very real perception with merchants and service providers that integration is long and difficult," the report said, adding that 21 percent of merchants who do not employ authentication cited the time and/or cost of integration as the barrier.
The solution to merchant adoption of some form of 3D Secure technology is education. The report said many FUD concerns are related to a "hangover effect" caused by bad experiences with previous iterations of consumer authentication. But the report provides evidence that the FUD factor can be overcome because of the "happiness factor" that authentication-using merchants express: 81 percent of merchant respondents showing satisfaction with the solutions they have employed. The report stated nearly half of merchants surveyed said authentication had no effect on sales conversion, either positive or negative; however, almost 20 percent believe it has had a positive effect on sales. The positive result seems to be related to merchants who use authentication selectively, on specific transactions rather than on all of them. Also, 59 percent of merchants overall "say the authentication program brought a decrease in chargebacks, and this is true for more than half of merchants from each geographic region," the report said.
Chandan Mukherjee, co-founder of payment consultancy and software provider PayCube Inc., is not surprised at CardinalCommerce's findings. "The adoption is very low because not many people understand it," he said, adding that online verification does retard the checkout process. However, he noted that if we had this solution "from day one on all e-commerce sites, today nobody would be complaining because people would be used to doing it."
Consumer authentication is also something that requires buy-in from issuers, acquirers and merchants. "It is a participation solution where the issuer and the acquirer have to be participating in it," Mukherjee said. "If you are an e-commerce site and you are certified with Verified by Visa [the card brand's proprietary version of 3D Secure], if the card issuer has not embraced that, then the security will not happen."
Over time, Mukherjee has changed his opinion about the importance of online authentication. He believes the increasing number and frequency of breaches is slowly eroding consumers' trust in the safety of e-commerce. "And that's not good for anybody," he said. "It's not good for the whole ecosystem. … At some point people will come back and say, 'You know what? This is too risky to do online transactions with cards.'"
Before that point is reached, businesses should improve their online defenses, and consumer authentication is central to that defense, Mukherjee said. And with the U.S. payments infrastructure in the process of transitioning to the Europay/MasterCard/Visa (EMV) chip card standard at the physical POS, fraud in the United States will sharpen its focus on the less secure online channel.
"EMV will do a lot of good in terms of card present security," Mukherjee noted. "But it does not do anything for card-not-present [environments]. … We have to go to a 3D Secure type solution." 
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Prev Next
