As EMV reaches critical mass in safeguarding the card present space, fraudulent activity will migrate to card-not-present transactions, as already seen in Europe. ProtectBuy will help reduce the likelihood of fraudulent usage of payment cards.
Three Domain refers to the security from these three domains: 1.) Merchant/Acquirer 2.) Network 3.) Issuer. 3DS creates a secure pipeline across the three parties, which validate a consumer’s identity when they are shopping online.
DCI ProtectBuy offers card not present (CNP) protection based upon the industry’s latest standard for 3D Secure. With Release 16.2 (October 2016), DCI will update its associated fraud rules to support a global liability shift from merchant to issuer for ProtectBuy transactions. Today, issuers must be participating in ProtectBuy for fraud liability to shift away from the merchant. This change will align with the industry, allowing a participating merchant to shift liability to the issuer without requiring the issuer’s participation.
Issuers who wish to reduce their exposure to fraud are encouraged to enroll in ProtectBuy. Interested participants should submit a General Service Request to learn more about how to enroll in DCI ProtectBuy.
To ease the burden of implementation, DCI is working to implement the best possible solution for providing issuers with hosted services. Issuers would have the option to purchase a packaged Access Control Server (ACS) and Risk Engine directly from DCI (an issuer requirement for participation in 3D Secure), with significantly lower fees and effort. We are hopeful this service will be live and ready to onboard participants in Spring 2016.