April 01 2019Mastercard 2.0
Merchant Liability Shift ActivationGlobal
ActiveServer is a 3D Secure 2 3DS Server solution for merchants and Payment Service Providers. ActiveServer allows merchants to implement 3DS2 for their payment flows and have guaranteed protection against Card Not Present (CNP) fraud via Liability Shift. It supports all major card brands, is PCI-DSS ready and is simple to integrate with easy to use APIs.
ActiveServer offers the flexibility of In-house deployment or can be utilised from GPayments' Hosted Service.
Key business information available from dashboard reporting functionality provided through the administration web application
Ability to utilise any popular web container to launch ActiveServer or deploy as a standalone application utilising Spring. This extends to all popular operating systems including Windows and Linux servers.
Compatibility with most major general purpose Hardware Security Modules for encryption, including Thales, Gemalto, AWS KMS, or any PKCS11 compatible HSM’s
Simple management of all ActiveServer instances deployed via a token-based activation procedure linked to the organisation’s account with GPayments
Ability to add multiple 3DS Requestors and merchants to the same ActiveServer instance
For existing customers, GPayments is available to develop a plan and identify the tools needed for migrating to ActiveServer
With the significant increase in Internet usage and with a view to capturing new markets, most merchants now offer their customers a variety of ways to purchase online, including both traditional browser-based eCommerce and in-app purchases. Recognising the necessity to support new and evolving payment channels, in addition to traditional PC desktop and browser-based transactions, ActiveServer includes the ability to natively support authentication of app-based transactions on mobile and other consumer connected devices.
Another key benefit for merchants in 3DS2 is the introduction of the frictionless flow. While many rule-based engines have been available in the market in the past, 3DS is the only protocol to offer issuer-approved authentication for merchant liability shift. The former 3DS required users to go through an initial sign up process, remember static passwords, and it utilised the invasive challenge screen, which often ended up leading to cart abandonment. 3DS2 offers a seamless way for cardholders to be authenticated between the merchant and issuer and the prediction is that in most cases authentication activity will be invisible to the cardholder, leading to a significant increase in conversion rates.
3DS2 also supports cardholder verification for non-payment transactions, allowing merchants to verify a cardholder’s identity with its issuer, without needing to process a charge, all within the security of the 3DS ecosystem. This is useful for scenarios such as adding a payment card to a digital wallet or managing recurring transactions. A new device channel introduced in 3DS2 is 3DS2 Requestor Initiated (3RI). This channel allows authentication to be initiated from the merchant’s 3DS Requestor environment, which is useful for managing recurring transactions, or checking if a card is still valid.