W3C home > Mailing lists > Public > public-webpayments@w3.org > August 2013

Resurrection of 3D Secure (VbV/SecureCode)

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Fri, 09 Aug 2013 08:17:22 +0200
Message-ID: <52048972.3060707@gmail.com>
To: public-webpayments@w3.org
Dear List,
As you probably know the big credit card networks already back in 1999 launched a "Web Payment" scheme called 3D Secure.

Nowadays it is known as VbV (Verified by VISA) and SecureCode (MasterCard's variant).

Short description:
- The payment request (from the merchant) is routed (redirected) to the card issuer.
- The issuer performs an extra authentication step for the cardholder which results in a signed card holder authenticity response which gives the merchant assurance that the payer is legitimate.

3D Secure system is mandatory in Scandinavia but have without exception being ignored by US e-tailers.  IMNSHO, 3D Secure is probably the most user-hostile payment-system ever.

So why bother?  I do because the core concept is cool and could in a revised format become useful.  Currently we are stuck with "User ID" (Card Number) and "Password" (CCV) printed in clear (!) on the card and that is neither convenient nor secure.

http://lists.w3.org/Archives/Public/public-webpayments/2013Aug/0001.html

thanx,
Anders
Received on Friday, 9 August 2013 06:17:57 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:24 UTC