RSA Announces the Release of Adaptive Authentication for eCommerce 20.8
RSA Adaptive Authentication for eCommerce is a comprehensive authentication and fraud detection solution for the eCommerce market. The solution is based on the 3DSecure protocol (Visa Secure and Mastercard Identity Check) and is powered by risk-based authentication, an intelligent system that authenticates a user by measuring a series of risk indicators. Transparent authentication provides a user-experience in which a customer is only challenged in high-risk scenarios.
What’s New in Adaptive Authentication for eCommerce 20.8
RSA Adaptive Authentication for eCommerce 20.8 includes these new features, enhancements, and changes.
Credit Card Network Support
This release of Adaptive Authentication for eCommerce includes support for the JCB card network for EMV 3DS 2.1 and 2.2 transactions.
Visa Message Extension Support
Visa message extensions allow you to use additional data elements for PSD2 SCA as recognized by Visa.
Adaptive Authentication for eCommerce 20.8 supports the use of Visa Acquirer Country Code message extension for EMV 3DS 2.1 and 2.2 transactions. This extension can be utilized using the Acquirer Country Merchant Details fact in the Policy Management application. For more information, see the Back Office User Guide.
Behavioral Biometric Authentication
To meet European PSD2 SCA requirements, the UKF has declared Behavioral Biometric authentication as an acceptable inheritance second factor authentication method. Adaptive Authentication for eCommerce 20.8 includes the ability to capture biometric typing data on browser challenge screens. In an OTP challenge workflow, in addition to the existing authentication already taking place by the risk engine and the configured step up authentication methods, when an end user enters an OTP into a browser-based challenge authentication screen, Adaptive Authentication for eCommerce uses behavioral biometrics to seamlessly authenticate the user.
In addition, v03 of the Activity Log Raw Data Report includes a new value in the possible list of Activity Names: Verify Behavioral Biometrics.
To enable Behavioral Biometrics as a second factor authentication method, contact your RSA representative.
New Analytics Reports
Adaptive Authentication for eCommerce 20.8 includes these new Analytics Reports:
The Performance Dashboard report contains key performance metrics.
The EMV 3DS Analytics workbook contains data related to EMV 3DS transacations:
The Overview report includes transaction volume and value data based on 3DS transaction type.
The Top Merchant Distribution report displays four tables, each containing the ten highest-ranking merchants by Transaction Volume, Transaction Value, Estimated Fraud Savings Value, and Losses Values.
The By Merchant report contains the breakdown of transaction volume and transaction value by merchant.
The Segmentation by Transactional Value report presents the number of transactions by selected Merchant and Amount Band.
For more information, see the Back Office User Guide.
User Interface Enhancements
This release includes support for right-to-left languages in EMV 3DS browser-based challenge authentication screens. You can now add customized text in right-to-left languages.
Back Office Application Enhancements
These enhancements have been made to the Back Office applications in this release:
To complement the Forgot Password feature, this release includes email capture for Back Office users. When a Back Office user logs in, if the system detects that there is no email address associated with the user, the Back Office user is prompted to enter an email address if they choose. We recommend associating an email address with each account for optimal operating procedures as well as for security measures such as the Forgot Password feature. Having an email associated with an account allows the system to send a Back Office user an email to reset their password.
In this release, the change password feature is enabled in the Policy Management application. A Change Password link appears on the login page as well as on the top right of all pages in the Policy Management application, in addition to the Customer Service Administration, Customer Service, and Case Management applications.
Reminder: EOL for RDR v01
RDR v01 is now officially End-of-Life (EOL).
If you have not already implemented to the latest version of the RDR reports, RSA recommends that you updated your implementation to use the supported versions of the RDRs as soon as possible.
In Adaptive Authentication for eCommerce 20.5, RSA introduced concurrent support for multiple RDR versions. While RDR version support allows you to incorporate the updated data elements at your convenience, after implementing the necessary development changes, we recommend implementing the new RDR version before EOL to leverage the new specifications of the EMV 3D Secure protocol (3D Secure 2.0) and provide enhanced visibility into your fraud landscape.
For detailed information about the new RDRs, see the Adaptive Authentication 20.5 Release Notes and the RDR User Guide.
Updated Back Office API Error Handling
In an update to the error handling processes, if an invalid request is sent to the Back Office API, the application returns an error response with a status of 719. For more information, see the Back Office API Reference Guide.