Posts in category: News

A cart abandonment rate is one of the biggest challenges of e-commerce.  Every year e-commerce brands record losses estimated at US$18 billion with cart abandonment.1*  Latin America, including countries in South and Central America, have a 75.3% cart abandonment rate.2* One of the most significant reasons for these abandonments is the friction perceived by the user during their act of purchase.  Technology providers are working to reduce this friction by implementing Risk Based Authentication (RBA) algorithms in their solutions so that users (cardholders) are automatically authenticated, thus providing security for the entire electronic payments ecosystem.

1* CreditDonkey, Dynamic Yield.

2* CreditDonkey, 2022.

What is Risk Based Authentication (RBA)?

Risk Based Authentication, also known by the acronym of its initials RBA, is not an exclusive term for authentication in electronic transactions, but its application makes perfect sense for this purpose. This is a general term used to identify any authentication process that has its validation rules linked to a risk analysis based on the data provided for this purpose.

Bringing this concept to the universe of electronic transactions, the application of RBA happens in conjunction with a 3DS Access Control Server (ACS), recommending or taking actions based on the data obtained by the 3DS Methods protocol.  This is supported by an EMVCo, referring to the 2 possible flows of customer authentication (cardholder) in an electronic transaction:

• Authentication without challenge: Risk analysis identifies low risk and recommends authentication without the cardholder needing to interact with the ACS.
• Authentication with challenge: the risk analysis identifies a medium or high risk and recommends an authentication in which the cardholder needs to interact with ACS, for example, enter a password sent by SMS.

How Does It Work?

In this application of the RBA being applied integrated to the ACS, the result of the risk analysis returns one of the two recommendations already mentioned above based on some of the following transaction information extracted from the 3DS protocol authentication request message:

• Customer Data
• Card Information
• Purchase Information
• Store Information

All this information is sensitive and therefore services related to financial transactions are developed and operated according to the strictest standards, as well as information security and are governed by governance instruments with annual audits of bodies such as Payment Card Industry (PCI), EMVCo and the brands themselves.

Unchallenged Flow

1. When the customer confirms Checkout, the purchase and customer data passes through the 3DS protocol domains and is processed as an authentication request message until it reaches the Issuing Bank’s Access Control Server (ACS).
2. The ACS consults the risk analysis service that processes the authentication request information.
3. The risk analysis service validates the data by not finding inconsistencies in the transaction authentication request message against the defined rules/parameters, then informs the ACS that the transaction can be authenticated without customer interaction.
4. ACS authenticates the transaction and then the payment follows the normal authorization flow.

1. Same flow process without challenge.
2. Same flow process without challenge
3. The risk analysis service finds some inconsistency in the data of the transaction authentication request message in relation to the defined rules/parameters, then informs the ACS that the transaction will be authenticated after successful customer interaction.
4. The ACS presents the challenge screen, where the customer must enter the password received by SMS, email or other method of sending.
5. After successful validation of the password, the payment follows the normal flow of authorization.

Benefits

One of the main challenges in an electronic transaction is the conversion rate, which is the rate related to the customer (card owner) who visits the page and even adds the item to the cart, but does not complete the purchase. And one of the biggest offenders for this practice is the friction at checkout, where the customer ends up giving up the purchase by having to perform additional authentication or verification steps.   By integrating RBA into the ACS solution, the authentication process gains an important automation to assist the Issuing Bank in its decision making to challenge or not a transaction based on customer information, purchase information, behavioral aspects, device information used, and other data obtained from the 3DS protocol. Thus, for consumers who usually follow patterns in their e-commerce purchasing activities, RBA will tend to suggest the flow without challenge, thus decreasing friction in the authentication process safely for all participants in the process.

HST – Risk Based Authentication (RBA): more security for electronic transactions

Risk Analyzer is HST’s Risk-Based Authentication solution, operating in conjunction with HST-ACS 2.0 brings card-issuing banks more security and agility in the decision-making process regarding transaction authentication.

Want to know more about our solutions? Get in touch with our sales team!

What are digital wallets and digital wallet white label?

A digital wallet is an electronic service that allows you to pay for goods and services through mobile devices, such as cellphones and wearables.  Payment details are stored in the wallet as a token.  In addition to paying for items in a contactless, more secure manner, digital wallets also allow you to store sensitive information; items such as cards and gift cards can be securely stored in a digital wallet.    

The difference between OEM wallet and white label wallet

• OEM wallet – OEM Original Equipment Manufacturer.

These wallets are the mobile payment applications developed and offered by the device manufacturer, such as Samsung Pay, Google Pay and Apple Pay. This allows users to add cards from multiple issuers to the wallet application.  This app is not customizable.

• White Label Wallet – these solutions enable financial institutions and issuers to customize their own branded wallet with the “look and feel” that their customers are used to seeing.  They have the same functionalities of OEM wallets such as payment capabilities and storage capacity.  White label wallets tend to be device agnostic, viable for both Android and iOS devices.  An additional benefit for the issuers and financial institution  white label wallets are the ability to strengthen your relationship with clients and provide payments solutions to everyday problems.

Functionality 

Digital wallets can store credit and debit card information a allowing payments directly from the card.  Other functionalities that digital wallets offer are: Peer-to-Peer (P2P) payments, online payments, hold funds, store ID cards, storage for transit tickets such as trains, buses or boarding passes and security.  All wallets have security features and technology that protect sensitive data and keep it safe.

How do digital wallets work?

Digital wallets can be downloaded through a digital wallet app provided by your bank, onto your smartphone.  Once you have the app downloaded, you typically enter the credit or debit card info into the wallet.  The wallet will automatically contact the issuing card network and get a token.  The token will stand in place of your card number so that your data will be secure and the token will be saved on your device.  

When paying at a store with your mobile device, digital wallets will use the NFC chip stored in it.  By hovering over the POS terminal, the payment app is activated and payment can be made quickly, easily and without any contact.  Other payment methods can include QR or bar codes to send payment information.  

Benefits of using digital wallets

Digital wallet usage was increasing before the pandemic but now, usage has skyrocketed all over the globe due to the contactless convenience.  If you need to make a purchase in a store, payment can be made without touching a credit card terminal.

Payment Security

credit card fraud is a lingering concern and data security is a major concern.  Digital wallets have multiple layers of security to keep your data secure and protected, these include:

1. Passcode to access the wallet;
2. Encrypted transmission to transmit data from your phone to the server;
3. Tokenization technology replaces your real credit/debit card number with a token stored on your phone.  If a token is stolen, the credit card issuer simply reissues another token and disables the stolen token.

• Contactless Convenience –

  no touch payments are possible with a digital wallet as well as faster checkout, with just a few taps.  A big, bulky wallet is no longer necessary to run to the store and receipts can be stored on the app to help you stay organized.

HST Pay – Complete payment platform

HST Pay is a comprehensive payment platform which offers a mobile wallet for brands and/or private label. It includes all application modules related to tokenization. We are a certified Visa Token Service Provider (TSP). The solution allows for easy management of: users, cards, tokens and reports for wallets and cards.

Card Tokenization – know the main benefits

See the benefits of HST Pay:

• Options for regular and quick pay;
• Customizable to your own specifications/branding;
• Greater spending control;
• We provide infrastructure to digitize multiple credit card companies and private label cards;
• Biometric Secure Access;
• Cost effective White label option available;
• Supports a variety of ID&V methods *

ID&V – *Identification and Verification. Before tokens are associated with a device, the cardholder must go through an identity verification process.

White Label Digital Wallet – The future of your financial institution payment

During the global pandemic, consumers tried new forms of payments for the first time with many of them embracing digital wallets.  For many consumers, digital wallets have become a preferred method of payment and they will likely continue using them long after the pandemic has ended.  According to the Global Digital Payments Insights by Blackhawk Network*, 59% of Mexicans and 62% of Brazilians surveyed, used a digital wallet in 2020.

The 2021 Global Payments Report by Worldpay** surveyed consumers across 41 countries and found that in 2020, due to the pandemic, the lockdown accelerated the shift to digital payments.  Globally, the use of mobile wallets exceeded cash usage for in-store payments.  In Latin America, mobile wallets accounted for 6% of payment methods.  Forecasts for both in-store and eCommerce transactions indicate that digital wallets are likely to be the preferred method of payment.

Both the Blackhawk Network and Worldpay surveys seem to indicate that the pandemic has ushered in an age of cashless payments, the potential is great for retailers offering digital payment options as well as providers connected to the digital payment ecosystem.  So, the future of payments is definitely Digital Wallets!

IT Career – HST is a payment solutions company for financial institutions, retailers and fintechs throughout Latin America.

Tokenization of cards plays a fundamental role in security technology and it can be considered a necessity when it comes to digital payments.

La Asociación Popular de Ahorros y Préstamos (APAP) presentó su nuevo servicio de emisión de tarjetas de crédito instantáneas