Greetings I need clarifications on the liability model proposed under 3 D Secure:
Current Scenario : In case of MOTO transactions, the merchant bears the cost of all charge-backs. Proposed Scenario: 1. Happy Case for Visa: Cardholder, Issuer, Acquirer, Merchant & the processor are compliant to 3D Secure. Liability shifts from merchant to card holder 2. Issuer, Acquirer, Merchant & the processor are compliant to 3D Secure, Card Holder not enrolled. In this case if a merchant decides to honour the card, how is liability handled ? Common sense wd say that the merchant is liable for the risk. In case the merchant only accepts compliant cardholders, then the txn volume is restricted. OR Is the issuer liable for un-enrolled cardholders ? This would force the issuers to ensure maximum registration. Which are the regions where this liability model is already in place ? are there any statistics of compliant parties (percentage of compliant issuers, cardholders, acquirers, merchants ...) Thanks Amol *********************** Some comments received from Don Park on another list of similar nature: *********************** >2. Issuer, Acquirer, Merchant & the processor are compliant >to 3D-Secure. >Card Holder not enrolled. I believe merchant is liable currently, but as you pointed out, this is an interesting area that could see further development at both technical and business level. Moral perspective is: why should the merchant, who made the effort to verify the card holder, be penalized just because cardholder failed to enroll? Business perspective is: merchant needs more incentives to verify transactions until enrollment rate reaches some reasonable ROI threshold. I am not sure if liability shift for even unenrolled cardholder is the right form of incentive since it penalizes issuers instead of merchants. Whatever the incentive, this is an area that needs more discussion. Best, Don Park
