Verified by Visa
Verified by Visa (VbV) is a card authentication service for Visa credit and debit cards. Visa developed VbV as an additional security layer to help protect merchants that accept cards over the internet. Based on the 3-D Secure protocol, VbV benefits participating e-commerce merchants in the following ways:
- Reduces merchant liability for fraud resulting from accepting unauthorized Visa cards.
- Minimizes chargebacks. Merchants who use VbV are protected from fraud-related chargebacks on all personal Visa cards – credit or debit – whether or not the issuer or cardholder is participating in VbV, with limited exceptions.
- Provides a safer place for consumers to shop.
- In many cases using VbV lowers participating merchants’ Visa credit card processing costs. Depending on the structure of your pricing agreement, you could qualify for lower discount fee on internet transactions that use VbV. To take advantage, you should require that your pricing is based on the interchange-plus model.
Merchants offering VbV to their customers must install a software module called a Merchant Plug-In (MPI), on their hosting server. The plug-in is easily installed and is compatible with all major eCommerce systems.
To use Verified by Visa, cardholders must first activate their cards. The activation can be done in one of several ways:
- Card issuers usually provide an online activation site and have integrated Verified by Visa activation in the card issuer’s online banking site. Cardholders should have an easy access to the activation site or they can ask the card issuer for assistance.
- Visa, card issuers, and participating merchants may display “Activation Anytime” banners or buttons that enable cardholders to activate their Visa card by clicking on the banner or button and following the prompts.
- Cardholders may also register with VbV during shopping, on the merchant’s website.
Once VbV is activated, a Visa credit or debit card is automatically recognized when used for purchases at participating eCommerce websites. The verification process goes through the following stages:
- When ready to finalize a purchase, a Visa cardholder clicks “Complete Order” or an equivalent option at the checkout. Software previously installed on the merchant website’s server recognizes a VbV eligible Visa card account and initiates the next steps of the process.
- At this time a Verified by Visa page appears in a new browser showing the merchant website’s URL. If the cardholder has previously activated the card with Verified by Visa, he or she will be asked to enter the password that they created during the activation process. There is an option for retrieving forgotten passwords as well. If the cardholder has not previously activated the card, he or she may be asked to do so now. If the card issuer does not participate in Verified by Visa, no cardholder interaction takes place. However, the merchant still qualifies for certain fraud liability protection. The merchant receives an “Attempted Authentication” response with authentication data to be submitted with the authorization request as proof of qualification for chargeback protection for the transaction.
- The card issuer verifies its cardholder’s identity for cards that have been activated and sends a response to the merchant with the authentication result. If the authentication fails, the merchant should request an alternative payment method.
- When the Verified by Visa verification process is complete, the merchant includes the authentication data received from the card issuer with the transaction authorization request.
Merchants participating in VbV get additional chargeback protection:
- If the cardholder is successfully authenticated, the merchant is protected from fraud-related chargebacks, and can proceed with authorization using Electronic Commerce Indicator (ECI) of “5.”
- If the card issuer or cardholder is not participating in Verified by Visa, the merchant is protected from fraud-related chargebacks, and can proceed with authorization using ECI of “6.”
- If the card issuer is unable to authenticate, the merchant is not protected from fraud-related chargebacks, but can still proceed with authorization using ECI of “7.” This condition occurs if the card type is not supported within VbV or if the cardholder experiences technical problems.
If you decide to implement Verified by Visa into your fraud prevention strategy, contact your payment processing provider and make sure they support the service. Most processors now support it and will be able to help you integrate it into your system.
MasterCard’s equivalent to Verified by Visa is MasterCard SecureCode.
Says:
May 28th, 2010 at 6:45 pm
[...] you are using Verified by Visa or MasterCard SecureCode, you should display their logos on your home page, security information [...]
Says:
May 30th, 2010 at 12:44 pm
[...] by Visa and MasterCard SecureCode re-presentment rights. Merchants who participate in Verified by Visa and MasterCard SecureCode are in most cases protected from “unauthorized use” types [...]
Says:
May 30th, 2010 at 4:54 pm
[...] in Verified by Visa and MasterCard SecureCode. These are fraud-prevention services that the Credit Card Associations [...]
Says:
May 31st, 2010 at 3:51 pm
[...] the transaction has failed Verified by Visa or MasterCard SecureCode authentication, do not submit it for authorization, but instead request an [...]
Says:
May 31st, 2010 at 5:16 pm
[...] your Verified by Visa and MasterCard SecureCode representment rights. If you participate in Verified by Visa and / or [...]
Says:
June 1st, 2010 at 9:39 am
[...] Verified by Visa and MasterCard SecureCode. These are payment authentication systems that validate a cardholder’s ownership of an account in real-time during an online payment transaction. When the cardholder initiates a payment at the checkout page of a participating merchant’s website, a new screen automatically opens up in the cardholder’s browser. The cardholder enters a previously created password that allows the card issuer to verify his or her identity. [...]
Says:
June 7th, 2010 at 9:55 am
[...] especially if yours is an e-commerce business. Make sure that your prospective processor supports Verified by Visa, MasterCard SecureCode, the Address Verification Service (AVS) and the Card Security Codes (CVV2, [...]
Says:
June 8th, 2010 at 4:41 pm
[...] Code (CVV2, CVC 2 or CID) requests with the authorization. For internet transactions, also use Verified by Visa or MasterCard SecureCode, where applicable, as an additional way of confirming the cardholder [...]
Says:
June 11th, 2010 at 6:55 pm
[...] such as the Address Verification Service (AVS), Card Security Codes (CVV2, CVC 2 and CID), Verified by Visa, MasterCard SecureCode and fraud scoring [...]
Says:
June 11th, 2010 at 7:21 pm
[...] you are participating in Verified by Visa (VbV) or MasterCard SecureCode, complete the respective authentication process and provide the [...]
Says:
June 25th, 2010 at 9:20 am
[...] by Visa and MasterCard SecureCode. Verified by Visa and MasterCard SecureCode are authentication systems that validate a cardholder’s ownership [...]
Says:
July 10th, 2010 at 12:33 pm
[...] you are using Verified by Visa or MasterCard SecureCode, add the logo to your home page, security information page and checkout [...]
Says:
July 18th, 2010 at 11:27 am
[...] works by embedding itself into an infected computer and mimicking the enrollment forms for the Verified by Visa and MasterCard SecureCode security programs. The two programs allow cardholders to create unique [...]
Says:
August 5th, 2010 at 6:25 pm
[...] by the card issuer and, if correct, the transaction is allowed to be completed. Implementing Verified by Visa and MasterCard SecureCode protects merchants from fraud-related [...]