Executive Brief 003
Author: Simon Hewitt, CEIO, OtherPay Pty Ltd

Default security for online shopping

In today’s fast-paced digital economy, online transactions have become the standard for consumer purchases. However, this convenience comes at a price – heightened risks of fraud, chargebacks, and data breaches.

While 3D Secure (3DS) was introduced as a means to add a layer of security to these transactions, it is not universally mandatory, leaving both merchants and consumers exposed to significant risks.

Despite the availability of this security tool, its voluntary implementation is often seen as a trade-off for maintaining a seamless user experience.

The Problem with Optional 3D Secure

3DS was developed as a solution to combat fraud in online transactions by requiring consumers to authenticate their identity during the checkout process, typically through a one-time password or biometric verification via a mobile app.

While it provides an added layer of protection, the system has several critical limitations:

1. Optional Adoption by Merchants:

One of the biggest issues with 3DS is that it is not a mandatory requirement for all merchants. Rather, it is up to individual businesses to decide whether to implement it. This voluntary nature creates a fragmented security landscape where consumers are not consistently protected during online transactions. If a merchant chooses not to adopt 3DS, the transaction proceeds without any additional verification, leaving both parties exposed to fraud.

2. Merchant Reluctance and Integration Costs:

Implementing 3DS can be complex and costly, particularly for small businesses. It requires technical adjustments to the payment gateway and checkout process, which some merchants may not have the resources or expertise to manage. This results in many merchants opting not to integrate 3DS, leaving transactions exposed to fraud risks.

3. Impact on User Experience:

3DS introduces an additional authentication step that can be seen as inconvenient for consumers. This extra step has been shown to lead to cart abandonment, as users may be deterred by the delay or the perceived hassle of verifying their identity during checkout. As a result, merchants prioritize a smooth, frictionless experience over security, potentially jeopardizing both customer data and revenue.

4. Exposing Merchants to Chargebacks:

A significant risk for merchants who neglect to implement 3DS is chargebacks. Without 3DS in place, merchants may be unable to defend themselves against fraudulent claims, leaving them liable for the cost of chargebacks. This can have a severe financial impact on businesses, particularly small or mid-sized merchants.

The Case of Roland Sharman and Sail Shade World

A real-world example of the risks associated with not enforcing 3DS comes from the experience of Roland Sharman, the owner of Sail Shade World, an online retailer.

This retailer was exposed to significant chargeback risk due to the lack of 3DS implementation on their payment system. This resulted in 21 fraudulent transactions totalling some AUD$38,000 that were not properly authenticated, ultimately leading to chargebacks being raised against the company.

The inability to protect against these fraudulent claims left Sharman and his business vulnerable to financial losses and reputational damage.

Had 3DS been mandatory or more consistently adopted, Sail Shade World would have been better positioned to protect itself from chargebacks and fraud. However, as it stands, the voluntary nature of 3DS leaves merchants like Sharman exposed to significant risks – an issue that continues to affect businesses globally.

Safety Shouldn’t Be an Option – Neither in Cars nor Payments

Airbags and seat belts are fitted as standard on every car because safety isn’t something you should have to opt into – it’s a fundamental expectation.

Imagine if car manufacturers didn’t inform consumers about airbags and seat belts and only installed them upon request, treating them as an optional add-on rather than built-in protection. That would be unthinkable. Yet, for online payments, 3DS – an additional layer of fraud prevention – remains optional, left for merchants (who are aware of its existence) to enable at their discretion.

With OtherPay, comprehensive purchase protection isn’t an afterthought – it’s the standard. And it goes beyond the protection merchants receive with 3DS, without any need for the added friction of having to wait for an OTP.

A Superior Solution

In contrast to the fragmented and inconsistent adoption of 3DS, OtherPay offers a more robust, secure, and seamless solution for online transactions.

The DUO and ONE cards provide dynamic, real-time security features that exceed the level of protection offered by 3DS, without requiring merchants to opt in or make any adjustments to their existing checkout processes, while avoiding the added friction introduced by 3DS for the consumer.

Here’s how OtherPay delivers default security for online payments:

1. Dynamic Authentication:

Uses transaction-specific authentication, embedding the user’s PIN in an OTP generated via the OtherPay app and integrated card, unlike 3DS, which relies on OTPs sent via text or email or separate authentication on the issuer’s app.

2. Time-Limited Transactions:

Only active for a specific transaction, using dynamic card data. At all other times, it remains unusable, making stolen card data worthless to fraudsters.

3. No Merchant Opt-In:

Merchants don’t need to opt in or make changes – security is built into the payment method, ensuring all transactions are automatically protected. This eliminates risks tied to merchants forgetting to implement 3DS.

4. Seamless User Experience:

Security is embedded into the card, eliminating extra steps or delays at checkout. Consumers enjoy a fast, frictionless purchasing experience without the common 3DS authentication hurdles.

5. Chargeback Protection:

Dynamic authentication significantly reduces fraud and chargebacks. Unlike 3DS OTP verification, authentication is embedded within each transaction, offering superior security – by default.

Conclusion

The absence of mandatory enforcement of 3DS reflects a wider industry bias toward convenience and user experience over the need for comprehensive security.

While 3DS can help reduce fraud, its voluntary nature and reliance on merchants to adopt it leave both consumers and merchants exposed to significant risks.

The case of Roland Sharman and Sail Shade World illustrates how the lack of consistent security measures can lead to financial losses and reputational damage for merchants who fail to implement 3DS.

OtherPay delivers a solution that exceeds the level of security offered by 3DS, offering dynamic, real-time protection without the need for merchants to opt in.

By embedding security into the payment method itself, OtherPay eliminates the risks of chargebacks, fraud, and forgotten security implementations, while maintaining a seamless user experience.

With OtherPay, both merchants and consumers can transact with confidence, knowing that every transaction is fully protected by state-of-the-art security measures.
