RSA Adaptive Authentication for eCommerce is a comprehensive authentication and fraud detection solution for the eCommerce market. The solution is based on the 3DSecure protocol (Visa Secure and Mastercard Identity Check) and is powered by risk-based authentication, an intelligent system that authenticates a user by measuring a series of risk indicators. Transparent authentication provides a user-experience in which a customer is only challenged in high-risk scenarios.
What’s New in Adaptive Authentication for eCommerce 21.1
EMV 3DS Certification
Adaptive Authentication for eCommerce is certified by Visa for the EMV 3DS 2.2 protocol.
RSA User Interface (RGI) Enhancements
To improve transparency of the RGI errors, we have expanded the internal error messaging system to increase the granularity of the information provided in the activity log.
These new values are included in the Activity Log in the Customer Service application, Back Office APIs and the RDRs for customers who have enabled this feature:
- A new Adaptive Authentication: Start 3DS 1.0 Challenge. Contact your RSA representative to enable this activity.
- These additional errors are included in the RGI and can appear in addition to the existing errors.
Note: These values have been added within the existing error code ranges in the system.
3DS 1.0 Error ID
Error on the issuer's side
Invalid issuer session id
OTP generation failed on the issuer's side
Issuer could not send OTP to the cardholder
There was a problem initiating the OOB flow
There was a problem with the issuer's OOB service
Generating token value failed
Encryption failed on the issuer's side
Message Signing failed on the issuer's side
Decryption failed on the issuer's side
Signature verification failed on the issuer's side
Unexpected http status received from the issuer
Timeout connecting to or sending data to the issuer
SSL connection failed
Connection error on issuer's side
Unsupported response received by the issuer
Signature validation failed
Support for Visa and Mastercard Implementations of PSD2 Exemptions
Visa and Mastercard have provided technical specifications to support PSD2 EU regulatory exemptions.
Adaptive Authentication for eCommerce 21.1 supports Secure Corporate Payments Exemptions for Visa, and Acquirer Strong Consumer Authentication for Mastercard.
If you would like to enable these exemptions, contact your RSA representative to implement any necessary changes. Implement changes to your rules and policies to ensure that you allow all transactions for which you want to provide exemptions. By definition, exemptions cannot be applied to challenged or declined transactions.
For additional documentation, downloads, and more, visit the RSA Adaptive Authentication for eCommerce page on RSA Link.
RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.