The E-Commerce Solution
As the online shopping market experiences rapid growth,so does the need for security. JCB is working hard to provide cardmembers with more security when using JCB cards for online shopping.
Secure Online Shoppingwith J/Secure™
As an international payment card brand, JCB developed the infrastructure for its payer authentication service J/Secure™1.0, which was fully launched in April 2004, and its enhanced authentication service J/Secure™2.0, which was fully launched in Q3 2018. J/Secure™ excels in security compared to the currently popular method of payer authentication for online shopping where the credit card number and expiration date are input. J/Secure™ can identify the user as the cardmember thanks to the additional requirement of the cardmember entering a password or by using additional information like the cardmember’s device or country which is gathered by authentication flow. To use J/Secure™, cardmembers do not need to install any special software on their computers; the only requirement is to register their information as designated by their card issuers.
How J/Secure™1.0 Works
At a J/Secure™1.0 compliant merchant's website, the JCB cardmember enters his/her card number and expiration date in the area for payment information. Next, the MPI* on the merchant's server delivers the information to the corresponding JCB card issuer to verify the cardmember's registration status with the J/Secure™ program.
If the cardmember is enrolled in J/Secure™, a password entry screen appears on the user's PC.
The JCB cardmember enters password.
The card issuer identifies the password. The result is then delivered to the merchant.
The merchant's system receives the result and if the passwords match, the merchant proceeds with the authorization and sales transactions following the designated procedure.
MPI(Merchant Server Plug-in)：MPI is a plug-in software that must be installed on the merchant’s system in order to offer the J/Secure™ authentication service.
How J/Secure™2.0 Works
On a J/Secure™2.0 compliant merchant’s website or mobile application, the JCB cardmember enters his/her card number and expiration date in the area for payment information. Next, the 3DS Requestor, who initiates authentication on the merchant’s server delivers the information to the corresponding JCB card issuer to conduct risk-based authentication, without interacting with the cardmember.
If further interaction with the cardmember is not required, authentication is completed and the result is then delivered to the merchant.
If further interaction with the cardmember is required, the JCB cardmember is required to authenticate themselves using any method that the issuer requires. This can be one time password, biometrics or an issuer’s application. The result is then delivered to the merchant.
The merchant’s system receives the result and if the cardmember is authenticated, the merchant proceeds with the authorization and sales transactions following the designated procedure.
To read PDF files, it’s necessary to install Adobe Reader (free of charge).Please click on the icon to download up to date Adobe Reader and view the files.