RSA Adaptive Authentication for eCommerce is a comprehensive authentication and fraud detection solution for the eCommerce market. The solution is based on the 3DSecure protocol (Visa Secure and Mastercard Identity Check) and is powered by risk-based authentication, an intelligent system that authenticates a user by measuring a series of risk indicators. Transparent authentication provides a user-experience in which a customer is only challenged in high-risk scenarios.
What’s New in Adaptive Authentication for eCommerce 20.7
Adaptive Authentication for eCommerce 20.7 includes these enhancements and new features:
Support for Cloning Rules in the Policy Management Application
In this release, RSA introduces the ability to clone an existing rule, in addition to creating rules from scratch. This allows you to easily define several rules that are similar other than minor differences, or to make minor changes to existing rules to fine tune the existing rule set. When you clone an existing rule, all rule details are copied other than the rule priority, which you will need to define. You can then modify the new rule as desired. The approval process for cloned rules is the same as the approval process for all new rules.
For information about how to clone a rule, see the section on creating new rules in the Back Office User Guide.
New Default Bin Configuration
Adaptive Authentication for eCommerce 20.7 includes the option to define a default BIN configuration. By defining a default configuration, the majority of BIN range configurations can be handled in one centralized location, and exceptions in unique BIN ranges can be configured separately. All incoming transactions, other than those configured in unique BIN ranges, are automatically handled using the default BIN configuration. If you have no customized BIN configurations, you can skip the BIN Load operation.
In addition to reducing overhead from BIN configuration management, this feature can prevent lost transactions due to misalignment between PAN registration at the card network and at the ACS.
User Interface Enhancements
In this release, EMV 3DS browser based challenge authentication screens have been improved to display information more clearly, support all browsers, and device types and increase usability. Changes include:
- More dynamic and responsive elements
- Display aliases are presented more clearly. Depending on the number of available aliases, the alias is either displayed without a selection, with radio buttons, or in a drop down list.
- Button text can be in both upper and lower case
These are examples of the updated screens:
New RDR Version of the New Transactions Report
In this version of Adaptive Authentication for eCommerce, v03 of the New Transactions report is released.
V02 of the New Transactions report will be declared EOL six months after the 20.7 release. Please note that by this time, you must change your implementation to consume v03 of the New Transactions report. You do not have to make any other changes to your implementation to make use of the new fields.
The filename for v03 of the report is: TransactionsNew_V03_MMDDYY.txt.
These additional fields are included to allow customers to utilize ACS data in their system monitoring:
The name of the rule that was triggered in the Policy Management application.
Indicates the type of 3RI request.
|3DS Requestor Decoupled|
Indicates if the 3DS Requestor requests that the ACS use decoupled authentication and agrees to use decoupled authentication if the ACS confirms its use.
|3DS Requestor Authentication|
The type of authentication request.
Value used in the RSA User Interface for the RSA Session ID.
Universally unique transaction identifier assigned by the DS to identify a single transaction
For more information, see the RDR User Guide.
Reminder: RSA Recommends Upgrading to RDR v02
In Adaptive Authentication for eCommerce 20.5, RSA introduced concurrent support for multiple RDR versions. While RDR version support allows you to incorporate the updated data elements at your convenience, after implementing the necessary development changes, we recommend implementing the new RDR version before EOL to leverage the new specifications of the EMV 3D Secure protocol (3D Secure 2.0) and provide enhanced visibility into your fraud landscape.
Note: RSA understands that the worldwide COVID-19 pandemic may have affected our customer’s implementation timelines. We have therefore delayed the End-of-Life (EOL) date for RDR v01 until October 2020.
For additional documentation, downloads, and more, visit the RSA Adaptive Authentication for eCommerce page on RSA Link.
RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.