Launching 3D Secure!


(MikeF) #205

No, I think the liability still moves from the merchant to the bank (which is the point). Once it belongs to the bank, it’s up to them how to handle it, either by seeking a customer approval or pushing it through immediately.

(I don’t work in banking so I’m not guaranteeing the accuracy here)


#206

Maybe they have an algorithm that detects more fradulant looking transactions and makes you use 3DS.

If you made lots of small transactions all at once it might make you verify or if you made a unusual large one


(Peter Shillito) #207

Most banks have an algorithm based on how likely you are to be making each purchase, which is why you get fraud phone calls and stuff from high street banks. When I shopped with a NatWest card, I wouldn’t see the 3D Secure thing very often, but with Monzo it showed up every time, until now.


(Gracjan Deresz) #208

Great news!
Many websites require 3D secure.


(Michael) #209

Saw this with South Western Railway website on Wednesday morning

Got the pop up to approve, but then surprised that it went through at both ends

Imagined it was a not unwelcome change to the process, but maybe needs a bit of tweaking :slight_smile:


(Neil) #210

It’s the season for online shopping, and I’ve noticed that every transaction I’ve placed using 3d-secure recently hasn’t actually required any intervention. The 3d-secure message says “We’ve automatically approved this transaction”. I get the notification to approve on my phone but if I tap into it, by the time the app opens, the transaction’s already gone through.

I wonder if anyone has any inside info on when 3d-secure actually requires/doesn’t require intervention?

EDIT: So this was a separate post that’s been merged in here and I can see that folks are already talking about this subject. Cool!


(Jack) #211

It sure seems like a higher number of transactions are being auto approved which is great! I’ve noticed this recently myself.

I doubt they’d be able to talk about this otherwise it may allow people to get around the system.


(Andy) #212

I’m seeing more and more auto approvals which is great news!


(Jonathon) #213

Where? I haven’t had a single one so far.


#214

Example: I bought a membership for Cineworld for under a fiver and had to verify via the app. Previously I had used a Natwest card which Natwest auto approved, no password needed, so we know they use 3D. a minute later I bought a cinema ticket and that was auto approved.

The orginal implementatation which required random letters of a password which you had long forgotten led to many abandoned puirchases. I eventually stopped using any merchant that required it. I can’t have been the only one. Once the new risk assessed method came in, I started using them again.


#215

I imagine it must be a bug that it

  1. automatically sends the notification then
  2. Decides that this is a low risk transaction so automatically authorises it itself.

I imagine there is a reason it is this way around but ideally it would be the otherway around


#216

Had one on Amazon the other day and trainline as well so I think most companies. I guess yours are low risk so have been auto approved without you notficing


#217

Amazon don’t use 3D secure and never have to the best of my knowledge.


(Andy) #218

Correct, they don’t even process CVV code


(Neil M) #219

Does the algorithm learn per say - i.e each person has a 3D Secure profile of their habits etc.


#220

It’s quite complex. Details here.


#221

Any ideas why they dont but other companies do?


#222

Yes, they knew it introduced too much friction and would lead to many abandonded purchases. I assume they opted to take more risk and use their own fraud preventiion methods. E.g. if you request shipping to a new address they require you to re-enter your card details. They will have other non-public risk assesment algorithms.


(Neil M) #223

I’m curious to know why your fiver example the 3D Secure flagged it. When it should have flagged it as a low risk purchase? As on the whole only 2% of transactions are deemed high risk. I would assume that is based off merchant data from the website. What would be interesting would be how many times you get flagged if you use a VPN in contrast to not using one. As I assume there are lots of metrics that are taken into account such as value of transaction, location and search history


#224

I assume, but do not know, that the fiver purchase required verification because it was the first purchase with the card at that merchant.