- Combining the Authentication and the Authorization Services
- Implementing SDK Payer Authentication
- Authentication Examples Using Primary Account Numbers
- Authentication Examples Using Digital Payment (Google Pay)
- Authentication Examples Using TMS Tokens
- Authentication Examples Using Flex Microform Tokens
- Authentication Examples Using Network Token/Tokenized Cards
- Authentication Examples of Merchant-Initiated Transactions
Which Device Data is Collected
One of the key components to authenticating a cardholder during an online transaction is
to compare information about the device that the customer is currently using to the
information in the bank's database about devices the customer used in past transactions.
This information is maintained in the acess control server (ACS) at the issuing bank.
This device information focuses on the web browser and includes these types of data:
- IP address
- Browser language
- Browser type
- Browser version
- Computer operating system
- System time zone
- Screen dimensions
- Color depth
A successful device data collection process that includes the 11 browser fields listed in
the check enrollment step increases the chances of a frictionless authentication. See
Step 3: Payer Authentication Check
Enrollment Service for the list of 11 browser fields. Business rules evaluate
whether a transaction is risky enough to require the buyer to authenticate their
identity. These business rules are configured in the issuer's risk analysis software
that evaluates each transaction.