Back to notes
What does the Directory Server do after mutual authentication is completed?
Press to flip
It routes the collected data to the appropriate issuer via the ACS.
What happens if the authentication process fails during a transaction?
The transaction is denied.
How does 3DS help in preventing fraud in card-not-present (CNP) transactions?
3DS uses multiple data elements and mutual authentication to secure transactions, thereby preventing fraud.
What types of data are collected and sent to the 3DS components during a transaction?
Transaction details and metadata, such as card number.
Which factors are considered by the Access Control Server (ACS) during the risk analysis phase?
Factors include metadata such as location, time, and transaction history.
What is the Access Control Server (ACS) responsible for in the 3DS protocol?
The ACS, managed by the issuer, is responsible for conducting risk analysis.
What role does the 3DS Server play in the authentication process?
The 3DS Server gathers transaction details and metadata.
What happens if the risk analysis deems a transaction high risk?
A challenge, such as a PIN or security question, is sent to complete the authentication.
What is a common misconception about 3DS?
People often think of 3DS in the context of 3D movies, but it is actually a secure authentication protocol designed to prevent fraud in online transactions.
What happens during the 'Initiation' phase of the 3DS authentication process?
A purchase is made online or via mobile.
Outline the basic steps of how the 3DS authentication process works.
1. Initiation of purchase. 2. Data collection. 3. Mutual authentication between 3DS server and directory server. 4. Routing by directory server to appropriate issuer via ACS. 5. Risk analysis by ACS.
What determines if a transaction is confirmed as 'low risk' or 'high risk'?
The ACS evaluates the risk based on metadata. Low-risk transactions are confirmed without additional steps; high-risk transactions require a challenge.
Describe the function of the 3DS Directory Server.
The 3DS Directory Server routes the authentication request to the correct issuer.
What is mutual authentication and why is it important in the 3DS protocol?
Mutual authentication is the process where the 3DS server and directory server establish trust with each other. It is important to ensure the legitimacy of the entities involved.
What is the primary purpose of the 3DS authentication protocol?
The primary purpose is to help merchants prevent fraud in card-not-present (CNP) transactions.
Previous
Next