Around 91% of the 7 000 local e-commerce sites that offer payments via credit card have complied with the Payment Association of SAs (PASA) edict to implement 3D Secure.
The security mechanism requires anyone who uses a credit or cheque card to shop online to enter a one-time PIN so that the transaction can be verified.
PASA CEO Walter Volker says 91% of portals that are required to register had done so by the end-February cut-off date, with the only negative being the airline sector, which should be ready by June.
Volker says when looking at this sector in terms of revenue as a measure, the level of compliance will be lower. Although he does not have figures, he estimates the level could drop to between 80% and 75%, because of the amount of turnover the airlines account for.
The effect of the technology in cutting down on fraud will be seen in the next few months, says Volker. He notes online bookings and payments for flights is the single largest category targeted by fraudsters.
Shifting onus
Although e-commerce only accounts for 2.5% of all merchants, the sector accounted for 48.7% of total card fraud among retailers last year, says Volker. He notes this percentage would have been higher were it not for the Dexter attack last year, which cost banks millions in lost revenue.
Part of one of the biggest security breaches in recent local history, the Dexter malware that was installed remotely on some of SA's top fast food and restaurant chains' point of sale systems initially went unnoticed for months.
According to the official South African Banking Risk Information Centre, card-not-present fraud losses increased 16%, to R178.7 million last year.
PASA, which is recognised by the South African Reserve Bank, organises, manages and regulates the participation of its members, which are banks, in the payment system. Volker says the only way PASA can enforce compliance with 3D Secure is through the banks, which then have the onus of making members implement the technology.
Volker says fines can be levied against banks that do not make sure their merchant clients comply, but the extent of these will vary depending on the circumstances. He adds the technology protects merchants and banks in the event of a compromise.
Kalahari.com says it supports the broader aims of 3D Secure, but needs to ensure it is implemented in a way that does not limit customers' experiences.
Share
