RSA Announces the Upcoming Release of Adaptive Authentication for eCommerce 20.7

Document created by RSA Product Team Employee on Jun 25, 2020Last modified by RSA Link Team on Sep 22, 2020
Version 5Show Document
  • View in full screen mode

RSA Adaptive Authentication for eCommerce is a comprehensive authentication and fraud detection solution for the eCommerce market. The solution is based on the 3DSecure protocol (Visa Secure and Mastercard Identity Check) and is powered by risk-based authentication, an intelligent system that authenticates a user by measuring a series of risk indicators. Transparent authentication provides a user-experience in which a customer is only challenged in high-risk scenarios.

What’s New in Adaptive Authentication for eCommerce 20.7

Adaptive Authentication for eCommerce 20.7 includes these enhancements and new features:


Support for Cloning Rules in the Policy Management Application

In this release, RSA introduces the ability to clone an existing rule, in addition to creating rules from scratch. This allows you to easily define several rules that are similar other than minor differences, or to make minor changes to existing rules to fine tune the existing rule set. When you clone an existing rule, all rule details are copied other than the rule priority, which you will need to define. You can then modify the new rule as desired.  The approval process for cloned rules is the same as the approval process for all new rules.

For information about how to clone a rule, see the section on creating new rules in the Back Office User Guide.


New Default Bin Configuration

Adaptive Authentication for eCommerce 20.7 includes the option to define a default BIN configuration. By defining a default configuration, the majority of BIN range configurations can be handled in one centralized location,  and exceptions in unique BIN ranges can be configured separately. All incoming transactions, other than those configured in unique BIN ranges, are automatically handled using the default BIN configuration. If you have no customized BIN configurations, you can skip the BIN Load operation.

In addition to reducing overhead from BIN configuration management, this feature can prevent lost transactions due to misalignment between PAN registration at the card network and at the ACS.


User Interface Enhancements

In this release, EMV 3DS browser based challenge authentication screens have been improved to display information more clearly, support all browsers, and device types and increase usability. Changes include:

  • More dynamic and responsive elements
  • Display aliases are presented more clearly. Depending on the number of available aliases, the alias is either displayed without a selection, with radio buttons, or in a drop down list.
  • Button text can be in both upper and lower case

These are examples of the updated screens:




New RDR Version of the New Transactions Report

In this version of Adaptive Authentication for eCommerce, v03 of the New Transactions report is released.

V02 of the New Transactions report will be declared EOL six months after the 20.7 release. Please note that by this time, you must change your implementation to consume v03 of the New Transactions report. You do not have to make any other changes to your implementation to make use of the new fields.

The filename for v03 of the report is: TransactionsNew_V03_MMDDYY.txt.

These additional fields are included to allow customers to utilize ACS data in their system monitoring:

Rule Name

The name of the rule that was triggered in the Policy Management application.

3RI Indicator

Indicates the type of 3RI request.

Possible values:

  • Recurring Transaction
  • Instalment Transaction
  • Add card
  • Maintain Card Information
  • Account verification
  • Split/delayed shipment
  • Top-up
  • Mail Order
  • Telephone Order
  • Whitelist status check
  • Other payment
  • Billing Agreement
3DS Requestor Decoupled
Request Indicator

Indicates if the 3DS Requestor requests that the ACS use decoupled authentication and agrees to use decoupled  authentication if the ACS confirms its use.

Possible values:

  • Y
  • N
3DS Requestor Authentication

The type of authentication request.

Possible values:

  • Payment Transaction
  • Recurring Transaction
  • Installment Transaction
  • Add Card
  • Maintain Card
  • Cardholder verification as part of EMV token ID&V

Value used in the RSA User Interface for the RSA Session ID.

  • For 3DS 1.0 transactions, this is the RSA Transaction ID.
  • For EMV 3DS transactions, this is the ATN.

Universally unique transaction identifier assigned by the DS to identify a single transaction


For more information, see the RDR User Guide.

Reminder: RSA Recommends Upgrading to RDR v02

In Adaptive Authentication for eCommerce 20.5, RSA introduced concurrent support for multiple RDR versions. While RDR version support allows you to incorporate the updated data elements at your convenience, after implementing the necessary development changes, we recommend implementing the new RDR version before EOL to leverage the new specifications of the EMV 3D Secure protocol (3D Secure 2.0) and provide enhanced visibility into your fraud landscape.

Note: RSA understands that the worldwide COVID-19 pandemic may have affected our customer’s implementation timelines. We have therefore delayed the End-of-Life (EOL) date for RDR v01 until October 2020.


For additional documentation, downloads, and more, visit the RSA Adaptive Authentication for eCommerce page on RSA Link.


EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.