The explosive growth of eCommerce has focused attention on security concerns associated with online payment transactions. Cardholders worry about the safety of online transactions while card issuers are concerned about balancing the risks and costs of payment fraud with a loss of revenue caused by transaction abandonment. The 3-D Secure protocol allows payment card issuers to reduce fraud in payment transactions by verifying cardholder identity during Card Not Present (CNP) transactions. Before a transaction is authorized, a cardholder can be challenged to enter a password, answer a question, or use some other form of authentication credential. This interruption in the transaction often causes legitimate customers to abandon the purchase resulting in loss of revenue for the issuer. The challenge is how to reduce fraud without impacting the user purchase experience.
Solutions including one-time-password (OTP) generator tokens, do not offer the same level of protection as the ArcotID against attacks such as the man-in-the-middle attack. The ArcotID secure software credential provides protection against common Internet threats and several futuristic attacks that are becoming popular among fraudsters.