Mastercard Identity Check Helps…but Only Offers Partial Protection
Online shopping has seen unprecedented growth over the last few years. So has online fraud. In fact, Mastercard studies show that the global chargeback volume is expected to hit 615 million in 2021.
Mastercard Identity Check (Identity Check, or MCID) is an extra layer of protection designed to defend cardholders from the growing threat of fraudulent activity. This global solution makes it harder to use a Mastercard payment card that's been reported lost or stolen.
Identity Check provides some protection for merchants, too. But, is it enough for complete fraud mitigation? In this post we’ll talk about how Mastercard Identity Check works, how the product has evolved since its inception, and just what type of protection it offers.
What is Mastercard Identity Check?
- Mastercard Identity Check
Mastercard Identity Check is an advanced security feature available from Mastercard. The technology helps authenticate purchasers as authorized cardholders. This extra layer of verification helps protect both cardholders and merchants during checkout.
[proper noun]/*• mas • ter • kahrd l ahy •den • ti • tee •| • chek •/
Identity Check is the Mastercard-branded deployment of 3-D Secure technology. It was created to make online Mastercard transactions as safe, fast, and convenient as purchases made in a store.Learn More About 3-D Secure technology
The program works by verifying a customer's identity at the checkout stage, ensuring that transactions come from only authorized Mastercard card users. This 3-D Secure Visa deployment is the same technology used by other card networks like JCB, American Express, and Discover. Visa, for instance, refers to their 3DS-based product as Verified by Visa.Learn More About 3-D Secure technology
Identity Check with 3-D Secure 2.0
There are actually two versions of Mastercard Identity Check. The original version (often referred to as Mastercard SecureCode) is still in wide use. However, there is also a newer protocol, based on 3-D Secure 2.0.
The original version worked, but it drew serious complaints from both merchants and customers. Cardholders had to register for the service. They were then given a PIN code/password to enter during the checkout process (with participating online merchants).
If the buyer could not provide this ID number, the transaction would be flagged as fraud and automatically declined. It was a relatively simple concept, but it caused considerable friction at checkout. It also resulted in a measurably lower conversion rate.Learn More About 3DS 2.0
How Does Mastercard Identity Check Work?
The latest version of MCID addresses many of the issues with the original. The updated protocol uses risk-based analysis to assess transaction risk. That means instead of a static password, the system compares over 100 different data points to verify shopper identity in real time. In 95% of cases, buyers can be authenticated with no additional input.
Usually, the buyer won’t even be aware the authenticity check was performed. Put another way, Mastercard Identity Check only asks for secondary identification in about 5% of cases. This “frictionless flow” is at once faster, more accurate, and easier to use. It reduces the risk posed by false positives if a Mastercard Identity Check authentication failed.
How to Start Using Mastercard Identity Check
To begin using Mastercard Identity Check, you first need to contact your processor and confirm they support 3-D Secure 2.0. Most do, at this point. If they do not, however, you can either contact Mastercard or consider switching to a new processor.
Second, you’ll need to integrate the program on your website. Integration can be confusing, so it is often advantageous to seek third-party assistance. A list of approved vendors which provide Identity Check integration is available from Mastercard.
Merchants pay a flat fee for every transaction sent through Identity Check. The price you’ll pay as a merchant will vary, depending on your processor (Mastercard also imposes fees on the process). Not surprisingly, the more transactions you send through the 3DS2 protocol, the lower the per-transaction cost.
So, now for the $64,000 question: is implementing Identity Check worth it? Let’s take a look at what you get for your money to help you decide.
Benefits of Identity Check
Overall, Mastercard Identity Check delivers a smoother transaction process and a higher level of security. That alone makes the product worth considering, but there are additional features and benefits.
Although the core purpose of the MCID protocol is to safeguard consumers, it also offers protection for merchants.
Normally, merchants are the ones liable for a transaction when a chargeback occurs. Using Identity Check shifts the liability for chargebacks to the issuing bank. This protection only applies if a) authentication was successful; and b) a fraud-based chargeback is filed. If both of these criteria are not met, the chargeback liability stays with the merchant.
Strong Customer Authentication (SCA) is a fraud reduction/online payment security mandate that was an integral part of the Payment Services Directive (PSD2). SCA requires transactions in the European Union to have two forms of customer identification.
3-D Secure represents the latest standard in global payment security, and the protocol is a requirement in order to accept credit cards in Europe. The technology involves such a robust transaction analysis that most transactions may be deemed SCA compliant even without the secondary identification.
Even if additional customer information is required for a transaction, Identity Check supports alternate authentication methods such as biometrics (fingerprint scanning or voice recognition) or passwords/security codes.
PSD2: What It Is, Why It Matters, and What Merchants Need to Know
EU’s revised Payment Services Directive will have repercussions for merchants globally. Download our free report to learn about key elements of this directive.Free Download
Additional Identity Check features include:
Identity Check authenticates most customers in real-time, with no additional action needed on the part of the cardholder.
Frictionless transactions lead to more conversions and less churn. More combined data points mean fewer false positives.
Payments can be performed in both application and browser-based solutions, on mobile and other consumer-connected devices. Also, Identity Check accepts mobile, in-app, and digital wallet payment methods.
Better Risk Analysis
Identity Check gathers and analyzes a considerable amount of transactional data for more accurate assessments. The abundance of information provides a high level of security and lowers the risk of criminal fraud.
Reduced Chargeback Liability
The Mastercard Chargeback Guide specifies that successful transactions using Identity Check are not eligible for a chargeback involving any of the following reason codes:
- 4837: No Cardholder Authorization
- 4849: Questionable Merchant Activity
- 4863: Cardholder Does Not Recognize—Potential Fraud
Even with chargebacks using other reason codes, the use of could Identity Check still be used as compelling evidence.
Focused on Fraud Prevention…Not Chargebacks
Using MCID may lower a merchant's overall number of chargebacks, but the technology is by no means perfect.
The underlying software was designed to detect and prevent criminal fraud, not combat chargebacks. While it's certainly a step in the right direction, Identity Check's chargeback prevention capabilities are limited in several areas:
- It can only be used for online transactions.
- It only helps prevent chargebacks associated with Mastercard transactions.
- A transaction could be authenticated, even though it was not authorized. For example, a roommate might make purchases from the cardholder’s computer without permission.
- Identity Check can only help deter unauthorized transactions. Merchants are still susceptible to disputes resulting from other chargeback triggers.
That last point is very important. Our research suggests less than 10% of all chargebacks are the product of genuine criminal fraud. Most chargebacks are the result of friendly fraud, and Mastercard Identity Check has no effect on chargebacks resulting from merchant error or friendly fraud.
One Part of an Overall Strategy
Mastercard Identity Check authentication does offer valuable protection against fraud. It works best, however, as part of a multi-level fraud and chargeback management strategy. For true chargeback protection, most merchants need a customized, end-to-end solution that that employs the most effective tools where they will do the most good..
If you’re interested in learning the role Identity Check can play in your overall chargeback management, strategy, contact Chargebacks911® today.