000014030 - Customer with visual impairments encounters difficulties with 3DSecure.

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Link Team on Nov 8, 2016
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014030
Applies ToAre you aware of any issues with screen reader software that could explain the issue outlined above?
Is there a way a customer who is struggling with 3D Secure can permanently opt out of registration?
The customer has mentioned the Bank's obligations to adhere to DDA requirements and feels that the necessity to register for 3D secure leads to reduced use of his credit card online.
IssueCustomer with visual impairments encounters difficulties with 3DSecure.
Customer decided to opt out of the service because his screen reader software does not pick up the random password characters that he needs to input during the purchase.
CauseScreen reader software does not pick up the random password characters.
Resolution

After researching this further we informed Client that we do support DDA (Disability Discrimination Act) in 3DSecure. It seems that the problem described below is specific for Random Password Characters (AKA Partial Password).

 

QA also replicated this issue in QA environment with screen reader software JAWS Version 8.0.422U and found that protocol works fine.

 

Investigating this further and looking at the 3DSecure FAQ (Frequently Asked Questions) it states that we support the following screen readers:

 

 

The reader used by customer isn't one of these readers and therefore isn't officially supported.

 

'The registration to 3DSecure is depended on two things - One is the Schedule (which means - Offer to register few times and then force or don?t offer again) and second is Risk Score. Also, it is the bank that makes the service as mandatory.

 

Also we cannot set the AOF schedule for just one card. AOF schedule is per BIN range and it is as per Issuers decision to mandate registration at all times or to have 2/3 opt outs and then mandate.

 

With respect to the situation of permanently opt out of registration then if the cardholder is having issues then issuer can always deactivate 3DSecure using the Customer Service application.

 

Please note that the fraud liability still lies with the issuer.

Legacy Article IDa43710

Attachments

    Outcomes