Here's another situation where a customer is at risk - not only from fraudsters, but from the convenience of online buying. For decades we have preached that security should not get in the way of usability. Died-in-the-wool security pros took the position that one could have security or convenience, but both was out of the question. Of course that's not how it is today, for the most part, but in the world of online business transactions it is a tough tightrope to walk.
CA has this one nailed with its latest eComMinder with RiskMinder. This cloud-based service does nothing but protect the user against the risk of fraud when purchasing with a credit card online. eComMinder with RiskMinder starts out when the user logs into a participating online merchant site with a credit card. The merchant site sends a request for authentication to the card issuer and the card issuer responds to the user. It also responds to the merchant and, for that session, the user no longer needs to worry about fraud. There is a bit of backend communications between the merchant, the card issuer and the directory server, but these things go on in the background.
The RiskMinder piece adds the dimension of real-time risk analysis and scoring based on a number of factors. Should the user want to perform high-risk transactions, the CA system can require strong authentication dynamically depending on how the administrator writes the policy. Overall, at a buck per card - substantially less when one starts looking at millions of cards - this is inexpensive fraud insurance.
At a glance
Product: eComMinder with CA RiskMinder
Company: CA Technologies
Price: Starts at about $1 per card and decreases with volume.
What it does: Manages card-not-present (CNP) transactions.
What we liked: From the end-user perspective, it doesn't get much simpler than this. Supports the 3D security protocol.