Discover ProtectBuy: How 3-D Secure Works on the Discover Network
Discover ProtectBuy is the Discover-branded version of 3-D Secure technology. It was designed to help banks, merchants, and processors authenticate and verify customers more efficiently and effectively with biometric technology.
But what does it offer your business?
This article will examine Discover ProtectBuy and how Discover implements the technology. We’ll also discuss some of the benefits ProtectBuy offers, plus some potential downsides of its use.
Recommended reading
- Card Security Codes: How They Protect Consumers & Merchants
- The Top 10 Fraud Detection Tools You Need to Have in 2024
- ECI Indicators: How to Understand 3DS Response Codes
- Card Verification Values: What Are CVVs & How Do They Work?
- Payment Authentication: How to Verify Buyers Before a Sale
- Fraud Scoring: A "Must-Have" Tool for Fraud Management
What is 3-D Secure Technology?
Let’s start with the basics.
3-D Secure is a customer authentication protocol created for eCommerce. The system is used to validate buyers at checkout, creating an additional layer of security for online transactions. Card networks recommend that both issuing banks and merchants support the protocol.
You can enroll in 3DS programs through each card brand. If you’re uncomfortable doing this yourself, contact your processor or merchant account provider to see if they offer 3DS and can help you deploy it in your eCommerce store. Some third-party providers can help you implement 3-D Secure verification as part of a chargeback management plan.
Learn more about 3-D SecureHow Discover ProtectBuy Uses 3DS Tech
ProtectBuy is a 3-D Secure service specific to Discover, which implements real-time authentication software to verify credit card users before a transaction. This data can be leveraged to detect stolen cards, identify unauthorized users, and thwart fraud attempts before a transaction is made. Naturally, this technology helps merchants improve their antifraud and chargeback prevention efforts.
Approved transactions with Discover ProtectBuy work like this:
Step 1 | Authentication Initiated
When a customer inputs their card information to make a purchase, this data is processed through ProtectBuy. The technology evaluates the cardholder based on their login credentials, location, and transaction history to determine the likelihood of a fraudulent transaction. This entire process occurs in just seconds.
Step 2 | Transaction Approval
If the cardholder’s credentials check out, ProtectBuy’s algorithm will approve the transaction in real-time. After being authenticated and authorized, the cardholder will be seamlessly directed to the confirmation page without delay.
What if the credentials provided by the buyer don’t check out, though? Transactions declined by Discover ProtectBuy work like this:
Step 1 | Authentication Initiated
Same as above, the cardholder submits credentials that run through ProtectBuy for verification. The technology evaluates the cardholder to determine the likelihood of a fraudulent transaction. Again, this entire process occurs in just seconds.
Step 2 | Authentication Email Trigger
Suppose the ProtectBuy algorithm cannot authenticate the cardholder’s credentials. In that case, the cardholder will be sent a temporary passcode via email or SMS that they can input into a pop-up field. This tends to happen if the cardholder is doing anything outside the norm, like buying in a far-flung locale that's thousands of miles from home. It may also happen if their identity cannot be verified, or they misspelled anything during the verification process.
Step 3 | Authentication Decline
If the passcode is not imputed correctly by the individual attempting to initiate the transaction, or the code times out, the transaction will be denied, and an email explaining the reason for the decline will be sent to the cardholder.
It’s important to recognize that most cases of genuine credit card fraud result from stolen card information being bought and sold on the dark web. Cybercriminals can use card details acquired through data breaches, phishing attacks, identity theft, and ATO fraud to commit all sorts of criminal acts.
However, the credit card numbers they have access to are not foolproof. In fact, many fraudsters buy their stolen card numbers in bulk and try as many as they can at once, hoping one will work where ten might fail. That said, merchants who implement 3DS services with their regular fraud prevention systems can make the fraudster’s job much harder.
Benefits of Discover ProtectBuy
You can expect Discover ProtectBuy to help craft a truly winning fraud prevention strategy. When used in tandem with other anti-fraud programs (below), 3D Secure 2.0 technology is highly effective at identifying fraud before it happens.
By streamlining authentication during the checkout process, ProtectBuy can speed up verification and allow you to process more transactions while limiting exposure to disputes. Since 3DS can detect anomalies across so many data points simultaneously, it becomes much more difficult for cardholders to file fraud-related chargebacks. This can significantly reduce costs and losses and increase consumer confidence in your brand.
Potential Downsides to Protect Buy
Discover ProtectBuy is an incredible and near-seamless technology. Still, it isn’t perfect.
While the system prides itself on its seamless capabilities, it can introduce friction at the secondary approval stage that can interrupt customers’ checkout process. Some legitimate customers might be put-off by pop-up windows and additional security measures and ultimately abandon their carts. While this isn’t commonplace, it happens often enough that you should consider ways to mitigate friction wherever possible.
Perhaps the more concerning issue is that 3DS is still largely ineffective against friendly fraud and other forms of first-party abuse. Since friendly fraud is a post-transactional act, committed by the actual cardholder, 3DS will be rendered useless in these cases. This is a serious concern because friendly fraud accounts for the bulk of merchant chargebacks.
Additionally, some advanced account takeover and synthetic fraud tactics can let fraudsters spoof 3DS software. This would allow fraudulent transactions to pass through the system undetected.
So, how can you combat both of these concerns and still get the most out of 3DS technologies like Discover ProtectBuy? The answer is to adopt a broader strategy to mitigate fraud.
3DS: A Smart Addition to Any Fraud Prevention Strategy
3-D Secure 2.0 technologies like Discover ProtectBuy work best as part of a multilayer fraud and chargeback management strategy.
Incorporating 3DS into a multi-faceted antifraud system can stop many fraud attacks in their tracks. Most fraudsters are unlikely to have all the data they need to combat these systems working in tandem with each other. That said, redundancies give you a tighter screening net, letting you identify more fraud attacks and generate better data.
For true risk mitigation, though, you need a customized, end-to-end solution that can deploy the right tools and tactics where they will do the most good.
Discover ProtectBuy is available to EMV-certified merchants (who can provide written certification verification) and is PCI-DSS compliant. Additionally, merchants who wish to implement ProtectBuy must support 3-D Secure 2.0 technology, including terminal compatibility with all previous software versions.
If you’re interested in learning more about 3-D Secure—or any other aspect of chargeback management—contact Chargebacks911® today. We can show you how to take chargebacks off your plate and increase your ROI.