Visa is looking to partner with domestic regulators and banks
Visa is launching the feature on Swiggy and Amazon
Risk-based OTP prompt only requires two-factor authentication for riskier transactions
To get rid of the friction of one-time password (OTP) in digital payments for ecommerce purchases and food delivery orders, global card payment network Visa said that it is trying to replace this authentication layer by a risk-based prompt to enhance the overall transaction journey of a user. For this, Visa is looking to partner with domestic regulators and public and private banks.
Visa said that the company will explain the tech to government bodies and banks to bring India on par with payments practices in other developed countries. It must be noted that while OTPs are generally considered to create more friction, they are well regarded in terms of two-factor authentication, but Visa’s Joe Cunningham said that the company believes that using it in a risk-based manner is even better. “The real growth of our industry is happening through the ecommerce space. To give consumers a wonderful experience some friction needs to be removed,” Cunningham, head of risk for Asia Pacific region, was quoted as saying by ET.
Seeing as Visa is launching this on leading platforms such as food aggregator Swiggy, ecommerce giant Amazon, millions of Indians are expected to see fewer OTP transactions when using Visa cards. It remains to be seen whether other platforms also jump on board after the initial wait-and-watch period.
While it will definitely make online payments a bit faster, it also means that losing a card could result in purchases even without OTPs.
How Risk-Based Two-Factor Authentication Works
In the two-factor authentication of digital payments, the first authentication line is crossed when a user enters card details such as the name on the card, type of the card, CVV, and expiry date. In the current system, the payment provider sends an OTP to the user after verifying their details, to authenticate the transaction.
In this risk-based prompt feature, an OTP will only be required by the user if the transaction is flagged as unusual or risky by banks. Since the number of platforms where the feature is limited, Visa believes that OTP can be done away for some transactions.
This feature uses EMV 3D secure technology to facilitate these OTP-free transactions. The technology has also been used in Australia and Singapore as well.
According to Cunningham, OTP-free transactions will encourage the adoption of digital payments and ecommerce. “If you take a risk-based approach, the vast majority of transactions will go through seamlessly as most are low risk and are typically low value and from an IP address you know very well,” said Cunningham.
Besides OTP-free transactions, the native transaction experience, which lets users complete the transaction on the same app without being redirected to the bank’s webpage, is also improving the user experience around digital payments.