3D Secure is an authentication protocol for transactions where the card cannot be physically presented at the time of purchase. 2C2P’s high-performance Access Control Server (ACS) is integrated with 3DC, a scalable hosted service that enables banks to authenticate cardholders during online transactions. The ACS supports multiple authentication methods, including static passwords, dynamic one-time passwords (OTPs), and Risk-Based Authentication (RBA), enhancing security and reducing fraud in card-not-present transactions.

Key Features

  • Multi-Method Authentication: Supports cardholder authentication via static passwords, system-generated OTPs delivered through email, SMS, or mobile apps, and Risk-Based Authentication (RBA).
  • 3DS Authentication Request and Challenge Request: Handles 3DS Authentication Requests and dynamically manages Challenge Requests, allowing secure yet user-friendly authentication flows.
  • EMVCo 2.0 Compliance: Integrates EMVCo 2.0, focusing on Risk-Based Authentication, ensuring a seamless and frictionless experience for cardholders.
  • Visa 3-D Secure 2.0 Standards: Fully compliant with Visa 3-D Secure 2.0, enhancing security and user experience during online shopping.

Technologies

  • Languages: C# (.NET Core 3.1)
  • Protocol: EMVCo
  • Data Store: Oracle, MySQL, Redis
  • Messaging Queue: RabbitMQ, Kafka
  • Infrastructure: Docker, Kubernetes, AWS, Jenkins
  • Logging and Error Tracking: Elasticsearch & Kibana

Challenges and Solutions

Challenge: Achieving compliance with EMVCo and Visa 3-D Secure standards while maintaining high performance and scalability.

Solution: Developed a robust Access Control Server (ACS) simulator to run simulations with major card providers, for instance Visa, Mastercard, and UnionPay.

Impact

The EMV® 3-D Secure ACS significantly improved card-not-present transaction security, reducing fraud and chargebacks while providing a user-friendly authentication experience. By effectively managing 3DS Authentication and Challenge Requests, the system empowered banks to offer secure online shopping options, boosting consumer confidence and minimizing transaction abandonment.

Role and Contributions

When I joined the company, this project was already underway, and I was assigned to work on it alongside a team of three senior engineers. Together, we completed the initial draft. After that, I had the opportunity to build the Risk-Based Authentication (RBA) method from scratch, which became a key part of the system’s authentication process.

I built the simulator using ASP.NET MVC, which successfully processed challenge requests based on configurable authentication methods, ensuring the project met all compliance standards.