Simplified, secure payment authentication: New opportunities with DAF and TAF

Payments Banking Security
Visa and Mastercard are introducing the Digital Authentication Framework (DAF) and Token Authentication Framework (TAF) programs to improve the customer experience with online payments through measures that boost the security of transactions and reduce authentication friction. In part one of this blog series, we looked at what DAF and TAF are and the programs’ impact on merchants, issuers, and consumers.

Now, let’s explore two additional areas of opportunity (and one potential risk) that DAF and TAF present for issuers, merchants, and cardholders.

Upgrading trusted beneficiary lists with DAF and TAF

The industry is continually maintaining and improving the security and convenience of online transactions through regulations like the Second Payment Services Directive (PSD2) and Strong Customer Authentication (SCA). For one, exemptions to SCA were introduced to ensure that the customer journey is not hampered by additional authentication steps. Trusted beneficiary lists are one of these exemptions.
The idea behind trusted beneficiary lists is for cardholders to simplify their payment experience by choosing to exempt merchants they trust from implementing additional authentication steps. While this feature should be helpful for cardholders in many ways — like making recurring purchases — in reality, the adoption rate has been slow. Since success hinges on issuers deciding which merchants are eligible, it puts the burden back on issuers to first select trustworthy merchants for the process.
However, DAF and TAF provide a new approach to the problem that these lists should have solved. The two programs shift more of the authentication responsibility to merchants, rather than issuers. And since merchants have the most to gain from streamlined payment procedures, it makes sense that Mastercard and Visa are entrusting this to them.

Improving security for merchant-initiated transactions

Merchant-initiated transactions (MITs) are payments initiated by the merchant rather than the cardholder. Common examples are recurring payments like Netflix, Showmax, or Apple subscriptions; any kind of installments, or buy-now-pay-later services like Uber. So, you can guess that these payments account for quite a bit of the transaction traffic.
And while it seems practical to let merchants handle these transactions, it’s important to note that MITs are currently unauthenticated (as MITs don’t require SCA), which often prompts false declines.
Luckily, most challenges give rise to opportunities in the market. Under DAF and TAF, MITs will have better payment authentication security and reduced friction, as these transactions will then go through as authenticated transactions.
Ultimately, the result will be higher authorization rates and increased security for MITs — both great news for merchants!

Potential risks for cardholders’ online payments

If we look at potential risk scenarios with DAF and TAF, one possibility that should be considered is if a cardholder’s bank card is stolen and they are registered for DAF or TAF. This could introduce the risk of banks not requesting authentication when a fraudster uses the stolen card, leaving them free to attempt fraudulent transactions with that card.
For banks that make use of offline batching systems, especially, this could be an issue as card details might not be updated quickly enough.
However, Amazon and other big merchants will still be employing additional layers of security, like 3D Secure (in addition to DAF and TAF), on all consumer transactions, reducing the risk of fraud.

Entersekt's Context Aware™ ACS reduces unnecessary friction

At Entersekt, we support the goal of DAF and TAF to ensure the checkout process is seamless and secure. Our Context Aware ™ ACS processes real-time data points within seconds to provide our customers with insights, and context on every transaction while shoppers enjoy a hassle-free and intuitive experience.
If you’ve got any questions about the impact of DAF or TAF or want to learn how our solutions support secure transactions and remove unwanted friction, get in touch with one of our experts.