DATASHEET RSA ADAPTIVE AUTHENTICATION FOR ECOMMERCE ANALYTICS APPLICATION COMPREHENSIVE VIEW OF YOUR 3D SECURE TRANSACTIONS RSA Adaptive Authentication for ecommerce is a risk-based fraud management solution for credit card issuers seeking to offer additional protection for online Card not Present (CNP) transactions. Leveraging the 3D Secure protocol and infrastructure, Adaptive Authentication for ecommerce enables issuers and merchants alike to provide a consistent, secure online shopping experience for cardholders while mitigating the risk of chargeback losses. The Risk Engine s high level of accuracy drives a very high fraud detection rate along with very low false positive rate. Powered by the RSA Risk Engine, RSA Adaptive Authentication for ecommerce evaluates each on-line transaction in real-time and analyzes the level of risk. The RSA Risk Engine analyzes over one hundred indicators per transaction to calculate the risk for that transaction. The Risk Engine s high level of accuracy drives a very high fraud detection rate along with very low false positive rate. THE ANALYTICS APPLICATION The Analytics Application provides card issuers leveraging RSA Adaptive Authentication for ecommerce with full visibility into their 3D Secure transaction data. The Analytics Application puts daily and monthly monitoring metrics, fraud detection rates and rule performance data at your fingertips so that you can align the solution with your risk tolerance and business priorities. The dashboard is populated with reports that Visualize and highlight trends and outliers Allow you to drill in and out for more or less granular views of the data Offer a flexible and dynamic interface for on-the-fly changes You can also export information from the dashboard into a range of formats that can be consumed by external applications. The Analytics Application provides you with more insight into your threat landscape so that you can make more informed decisions around policy management rules, risk score thresholds and other configurable variables. RSA FRAUD & RISK INTELLIGENCE
A COMPREHENSIVE VIEW OF YOUR 3D SECURE ENVIRONMENT The Adaptive Authentication for ecommerce Analytics Application includes a range of reports that provide you with a comprehensive view of your 3D Secure transaction data. Drill down by date range and BIN as well as card portfolio (i.e., credit, debit), card brand (e.g., Visa, MasterCard) and card status (i.e., active or silent) for more or less granular views. These report filters enable multiple views of the data and provide you with a nuanced understanding of your 3D Secure transactions. Overview Reports Daily, monthly and quarterly overview reports allow you to monitor system performance over time. The overview reports track decline, challenge and fail volumes and rates along with transaction volume and values. Daily overview The overview report provides a quick way to identify issues related to configuration or other changes as well as trends such as increased traffic during particular seasons, weeks or days. Fraud Levels This report provides you with an overview of fraud detection rates by volume, basis points and value over a selectable number of months. The report tracks fraud savings and losses as well as prevention and fraud rates. 2 RSA DATASHEET RSA Adpative Authentication
Fraud levels report The information on this report is invaluable for tracking the ongoing success of your implementation, monitoring individual BIN performance and calculating return on investment (ROI). Fraud Distribution The fraud distribution by risk score report provides insight into the performance of AA for ecommerce s risk model over a selectable number of months. It breaks down by risk score total declined transactions, total challenged transactions where the cardholder passed and total challenged transactions where the cardholder failed. The report also includes how much fraud was erroneously and transparently authenticated. Fraud distribution report The information in this report can also be used to gain insight into the effectiveness of your risk score thresholds. So for example if you had set the threshold for challenging a transaction at the top 3% but find that for certain months there is a higher number or percentage of transparently authenticated fraud, you may consider setting the threshold lower to account for the seasonal differences. 3 RSA DATASHEET RSA Adpative Authentication
Risk Score Distribution The risk score distribution report shows challenge and decline rates as well as transaction distribution by risk score band. This report can be run against both a monthly and daily time frame. Daily risk score distribution The information in this report can be used to identify the impact of the challenge and decline policy management rules over your 3D secure transactions. Case Marking The case marking report allows you to monitor false positives, a key performance indicator (KPI) for the 3D Secure environment. A high number or percentage of false positives, i.e. cases that were flagged as fraudulent but ended up to be legitimate transactions, can add significant operational costs and impact the user experience. Case marking report The case marking report calculates the G:F (genuine to fraud) ratio and the percentage of investigated cases. RSA uses the G:F ratio to measure the number of false positives among the blocked transactions captured by the policy management rules. For example, among five blocked transactions, if three are genuine transactions and two are actual fraud the G:F ratio would be 1.5 (3:2). The lower the G:F ratio the less genuine users are being disturbed in order to stop a fraudulent transaction. 4 RSA DATASHEET RSA Adpative Authentication
The G:F ratio is a proxy for the performance of the Adaptive Authentication for ecommerce. A low G:F ratio in combination with a high fraud detection rate indicates a highly effective and accurate solution. The report data can be measured against either monthly or quarterly time frames Rule Analysis The rule analysis report enables you to assess the performance and impact of both test and production policy management rules. This capability is critical for ensuring that you get the most out of Adaptive Authentication for ecommerce. In addition to capturing the number and percentage of transactions impacted by a test or production rule, the rule analysis report provides details that can help you determine whether a rule should be promote into, remove or remain in production (e.g., impact on case volume, fraud cases and genuine cases). Rule analysis report So for example if there is a strong correlation between fraudulent cases among the investigated cases, the rule is an efficient one that prevents fraud with minimal impact on legitimate cardholders. On the other hand, if you have a high number of cases that are being investigated yet they are genuine, you are unnecessarily impacting cardholders without identifying much fraud. Merchant Summary The merchant summary template displays overall transaction values and volumes as well as chargeback values and estimated values for prevented fraud for individual merchants. Merchant summary report The ability to drill down into individual merchants to identify issues and trends provides better insight into your threat landscape and drives more informed use of the Policy Management application. 5 RSA DATASHEET RSA Adpative Authentication
Merchants Ranked by Loss The merchants-ranked-by-loss report presents the chargeback value and volume of the 30 merchants with the highest chargeback value. This report allows you to identify at a glance the riskiest merchants. Top merchants by reported losses Leverage the Policy Management Application to treat transactions from merchants with high chargebacks in a way that aligns with your risk tolerance. The ranking also enables you to see the difference among top merchants by loss if there is a wide gap between the top merchants and then a significant falloff within the Top 30, you can concentrate your analysis on those that contribute disproportionately to chargeback losses. Authentication Methods The Authentication Methods report presents the challenged transactions by the different authentication methods. This report helps you identify the most effective step up authentication methods (e.g., One Time Password, Knowledge-Based Authentication, on- or off-card data elements, biometrics) in your 3D Secure transactions data by reflecting the number of fraudulent and genuine transactions that fail once challenged. 6 RSA DATASHEET RSA Adpative Authentication
Authentication report Even among your cardholders, there can be significant variability around the effectiveness of different authentication methods. Therefore you can also track BIN and card schemes across configurable time periods. Failure Reasons The failure reasons report categorizes the reason that cardholders have failed the challenge. Reasons for failure include: Attempt Attempts processing was performed but authentication could not be completed Challenge Failed The cardholder response to the challenge was incorrect and the challenge authentication failed Challenge Expired The cardholder did not respond to the challenge within the time limit Declined The 3rd party used for the challenge denied RSA request for challenge and the challenge was not initiated. For example, the KBA challenge was not initiated for a suspicious cardholder Locked The cardholder account was locked. Walk-Away The cardholder clicked Cancel, or closed the window, to cancel the transaction Technical Problem A technical problem prevented proper handling of the purchase Other The transaction was not an AAeC transaction. 7 RSA DATASHEET RSA Adpative Authentication
Failure reasons This report particularly in combination with the failure reason report can help you identify addressable issues that can impact your bottom line. For example, if a high number of date elements challenges are failing and a high percentage of those failures were from customers who simply walked away, for particular BINS, you would likely consider an alternative method for that population. MORE INSIGHT DRIVES MORE INFORMED DECISION MAKING The Analytics Application provides you with more insight into the performance of your 3D Secure transactions data. This actionable insight drives more informed decision making around policy management rules, risk score thresholds and other configurable variables in the Adaptive Authentication for ecommerce solution. Each card issuer has different business priorities and risk tolerance sometimes even within their own cardholder population. The analytics dashboard allows you to drill down and identify the areas that you want to address with the Policy Management Application and the areas in which you are achieving your fraud detection and business goals. www.rsa.com ABOUT RSA RSA provides more than 30,000 customers around the world with the essential security capabilities to protect their most valuable assets from cyber threats. With RSA s award-winning products, organizations effectively detect, investigate, and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud, and cybercrime. For more information, visit www.rsa.com. EMC 2, EMC, the EMC logo, RSA, and the RSA logo, are registered trademarks or trademarks of EMC Corporation in the United States and other countries. VMware is a registered trademark or trademark of VMware, Inc., in the United States and other jurisdictions. Copyright 2016 EMC Corporation. All rights reserved. Published in the USA.