Secure Card Tips

Useful to verify that the customer has access to their bank account online or through an authenticated channel. There are two checks with this verification.

The first is a 3-D Secure authentication check. This step confirms the customer is appropriately authenticated by their bank if enrolled. Typical for 3DS1, that means they received a code from their bank to verify the transaction. For 3DS2, they usually won’t need to do anything extra for the authentication part. This first check stops many fraudulent transactions as the bank verifies their identity. There are still methods to bypass the check involving SIM swaps, which are rare.

The second check also protects against some shortcomings of 3-D Secure or if the card doesn't support 3DS. It requires the customer to know the random amount charged. For most customers it will involve them logging into their bank account online or calling their automated support line for recent activity. Most fraudsters are unable to compromise the customer bank account access; instead, they just have the card and cardholder information. Once a customer completes the verification, you can analyze the information for important details. The card name, BIN, last 4, expiration should match previous transactions. Also, the number of attempts to verify can help determine any issues. Lastly, some customers will have trouble finding the amount, and banks vary on easiness to access the information on time. Common problems usually revolve around a foreign card that adds in FX fees (Custom descriptors are possible as a workaround) or long delays in statement updates. A process to handle outliers should be in place with either a manual check or backup verification methods.