EMV 3DS

Mobile-First

3DS for Everybody

Why is EMV 3DS So Important?

EMVCo is the payment industry’s standards body responsible for: (1) securing in-person payments using a chipcard and (2) online payments using 3DS. The ‘big new’ in in the 2^nd version of 3DS is payments made within a mobile app; the ‘big fix’ is a frictionless consumer experience.

mSIGNIA joined EMVCo in 2015 to help create the 3DS version 2 specification, or EMV 3DS^®, and was elected by other Technical Associates two years later to act as a technical advisor to the EMVCo Board, which includes American Express^®, Discover^®, JCB^®, Mastercard^®, UnionPay^® and Visa^®.

mSIGNIA was the first security company to release an iOS^® and Android^® mobile security SDK; as such mSIGNIA’s SDK and products were part of the initial EMV 3DS compliancy tests. mSIGNIA’s 6^th generation SDK for iOS, Android and browsers is an EMVCo certified ‘universal’ SDK (uSDK); enabling merchants to integrate a single SDK into their website, iOS app or Android app and support the data requirements of nearly any EMVCo compliant issuing bank’s risk-engine.

mSIGNIA provides a complete EMV 3DS Merchant Solution that is compliant with available EMV 3DS and payment network specifications. Many of the merchant solution components are also useful to payment networks and issuing banks.

mSIGNIA’s EMV 3DS Merchant Solution, shown in the diagram, includes:

SDKs easily integrated into a merchant’s website or mobile apps (iOS and Android) and run on the consumer’s PC, tablet or smartphone
SDK Manager configures data collection, provisions data to the consumer’s device, ensures integrity of the mobile system, and maintains consumer privacy
Web services for the merchant’s eCommerce site, including the EMV 3DS Requester (Server and plug-in) and Data Gateway for enabling and managing various microservice enhancements
EMV 3DS Compliancy Platform for certifying the compliancy of EMV 3DS merchant and banking products.

mSIGNIA’s SDK Manager, merchant web services and EMV 3DS Compliancy Platform can be run on-premise or hosted in mSIGNIA’s PCI DSS^® certified AWS^®environment.

mSIGNIA 3DS SDK Manager Enhancements

Configuration

Remote management of 3^rd party data collected, controlled by merchant; improves privacy and pay approvals

Provisioning

Trusted, secure data downloads to 3^rd party mobile apps; enables device tags (i.e. browser cookies), payment tokens, crypto keys, etc.

App Point Protection

Real-time detection of malware, Rogue Apps, ‘Proof-of-Life’, emulators and bots

Risk Data Consortium

Data aggregation for risk consortiums, improves machine learning for analytical authentication and fraud prevention

mSIGNIA 3DS Merchant Solution

One SDK

Single SDK integration; configurable to satisfy data needs of nearly any issuing bank

Data Management

Merchant control over customer data collected and shared, including int’l privacy regulations

Payment Selection

Merchant can manage 3DS data used… support server wallets, choose Debit or Credit pay rails

3DS Hybrid

Simultaneous support for 3DS v1 and v2 so more transactions are accepted

Advanced Identity

Data collection and secure provisioning enables advanced Strong Customer Authentication options incl. FIDO^®

What Makes Mobile-First Design Different?

Mobile-first is a new buzzword; mSIGNIA’s founders have specialized in mobile security since 1999. Since then, they have led mobile security efforts worldwide for Symantec^®, GTE Cybertrust^®, Gemalto^®, and various start-ups.

Mobile is a game changer: the device is so personal it literally puts you online. No longer does a user have to go to a PC and login; users are now always connected causing the physical and digital worlds to overlap and intermix.

mSIGNIA was founded because mobile changed everything… but security methods failed to change. mSIGNIA was the first company to provide iOS and Android security libraries that are integrated into a mobile app. This provides security from within, but SDKs distributed in 3rd-party apps must be monitored to maintain security and data access managed.

Old security methods must update to operate with mobile apps; security now requires a mobile-first design. Security now requires the experience of mSIGNIA.

mSIGNIA’s uSDK and SDK Manager enable the payment ecosystem to benefit from the mobile environment… rather than be limited by it.

Follow the links below to see how mSIGNIA’s uSDK and SDK Manager enable:

Dropping 3rd-party security data in mobile apps … more
Identifying an iOS device … more
Ensuring the security of a mobile app connection … more

How Does EMV 3DS Work for Everybody?

mSIGNIA makes it easy for merchants to adopt and benefit from EMV 3DS. mSIGNIA’s uSDK, SDK Manager and Data Gateway also make EMV 3DS great for consumers, payment networks and issuing banks.

Consumer

Safe and easy transactions, approved without interruption
Confidence in the privacy of data collected
Protection against fraud and identity theft
Consistent user experience for payments across merchants and with different payment cards

Payment Networks

Data alignment between Merchants and Banks enable more transactions approved in the Frictionless Flow
Managed uSDK simplifies and accelerates 3DS rollout/adoption, ensures data integrity and consistency for risk decisioning
SDK-as-a-Service creates client ‘beachhead’ for 3DS, Data collection, SRC® / Buy Button, PSD2®, FIDO, Tokens… ultimately IDaaS

Issuing Banks

Data configuration and device tag provisioning support legacy risk engines, reducing a bank’s efforts and increasing approved transactions
Credit and Debit selection supports business rules and reduces cost-of-transaction
uSDK integration in bank’s mobile app enables 2nd data collection push-option under bank’s control