What Mobile Device Data is Collected
One of the key components to authenticating a cardholder during an online transaction is
to compare information about the mobile device that the buyer is using to the
information about mobile devices that the buyer used in past transactions. This
information is maintained in the acess control server (ACS) at the issuing bank.
In mobile device transactions, information collected about the buyer device can
include:
- Device ID
- Device model
- Operating system version
- System language
- Country
- Time zone
- Screen dimensions
A successful device data collection process that includes the eleven browser elds listed
in the check enrollment step, increases the chances of a frictionless authentication.
The decision to escalate a transaction to a level of risk high enough to require
challenging the buyer to authenticate their identity is managed by business rules that
are congured in the issuer's risk analysis software that evaluates each
transaction.