IT managers for online retailers and at Visa card-issuing banks will soon be confronted with installing the latest weapon in the increasing war against online fraud: payer authentification applications.
Visa International Inc. is working with a number of different vendors, such as application service provider (ASP) ValiCert Inc., and Internet service providers such as Yahoo, in rolling out the new service. The service will require cardholders to use a password to complete online purchases.
To date, online retailers Buy.com, Tickets.com, eCongo.com and CDnow Online have signed on to try the authentification service, which takes about three weeks to install on their e-commerce servers. Banks will be required to install a database application that holds user passwords on their access control servers.
The system works by intercepting an online purchase transaction at the card-issuing bank. When a cardholder fills his online shopping cart and pushes the "buy" button, a Visa-branded window pops up asking for a password.
Cardholders can register for the password service online, directly with their card-issuing bank or when activating a new card.
Visa has persuaded three of its top member banks -- First USA Bank NA, FleetBoston Financial Corp. and Providian Financial Corp. -- to sign on for the service and eventually expect to win over all 14,000 of its card-issuing banks.
Banks and merchants can either install the service themselves by following open specifications, or they can hire an authorized ASP to install it for them. Visa is offering the service for free during its initial run but expects it will cost about US$2,000 per license thereafter.
Jim McCarthy, senior vice president at e-Visa, Visa's e-commerce division, said online purchases represent only 3 percent of overall Visa sales. While that's expected to grow to 10 percent by 2005, he said, consumers are likely to remain wary of shopping online without a unique electronic signature that only they can provide. Online purchases, McCarthy said, contain the highest amount of purchase fraud -- 24 cents for every $100 spent, compared to 6 cents for every $100 overall.
"We do see a day that every Visa cardholder that transacts online will be asked to identify himself to complete the purchase," he said.