Xecure3D 3DS 2.0 ACS and 3DS Server Solution

Why 3-D Secure 2.0

Improving security and increasing authorizations for digital transactions

The new 2.0 version supports a real-time, secure, rich data transmission during transactions, enables more contextual data to verify the cardholder's identity, to authenticate customers more accurately to avoid the need for every shopper to actively authenticate with a password. Simplify and enhanced the consumer checkout experiences. Support both mobile app, browser base authentication as well as multiple authentication types such as token-based, biometric and OTP.

Overview

Xecure3D 3DS 2.0 Access Control Server and 3DS Server Solution enable issuing and acquiring banks to participate in the latest EMVCo 3-D Secure 2.0 protocol standard for Visa, Mastercard, American Express, JCB, Discover and UnionPay. The new 3DS protocol adds an additional layer of security for online and mobile credit and debit card transactions. It collects additional payment data to issuers to speed up authentication and checkout payment and boost security.

The new Xecure3D 3DS 2.0 service can be offered as an online white-labelled hosted service, or as a total licensed solution. And, the deployment lead time can be as short as 4 months.

Key Components

For Issuing Bank

Access Control Server (ACS): It manages the authentication process for cardholders. When a cardholder makes a purchase request, the 3-D Secure Requestor initiates the ACS authentication process through 3-D Secure Server and 3-D Secure SDK. In an App-based payment flow, ACS communicates directly with the cardholder through the 3-D Secure SDK to authenticate the identity of the cardholder.
ACS Cardholder Management System (CMS): This web based administration tool of ACS helps issuers to manage cardholder account maintenance, risk decision management, transaction reporting, configuration, user access control and audit trails.

For Acquiring Bank and Merchant (3DS Requestor)

Xecure 3DS Server: It provides the functional interface between the 3DS Requestor system and Card Scheme Directory Server (DS). It provides API calls for 3DS Requestor website or 3DS Requestor mobile APP to initiate the 3DS authentication process.
Xecure 3DS SDK: It provides API calls within the mobile application to collect device information. It also acts as a connector and message handler with ACS during the 3DS 2.0 flow.

Features and Benefits

Features

Support both mobile app and internet web browser authentication.
Support multiple authentication types such as token-based, biometric and OTP.
Support risk-based decisions for Frictionless Flow or Challenge Flow based on the device data obtained through 3DS Client.
Support payment and non-payment authentication.
Extendable to support proprietary Out-of-Band (OOB) authentication used by card issuers.
Powerful and user-friendly web administration tool for bank operators. User access control with audit trails.

Benefits

Flexible and Customizable: Different models support depending on requirements.
High Performance and Scalable: Can be readily scaled to support voluminous requests over time.
User-friendly: Easy-to-operate web-based GUI.
Cost-effective: Flexible solution package and ease of setup and maintenance.
Secure: Advanced security control.
Trusted: With over 15 years of 3-D secure experience in Asia over 15 countries and regions in Asia-Pacific.