The accelerated advancement of e-commerce has brought enormous opportunities for retail, but it has also increased the complexity of a challenge that affects all digital retailers: ensuring that the buyer is actually the holder of the card used.
In an environment where every transaction can become a financial risk, authenticating customer legitimacy has become one of the strategic pillars for any digital operation. This is because, when a purchase is made with a credit card, there is always a question about who is entering the data. If the person is not the actual card holder, they can dispute the transaction with the issuing bank and generate direct losses for the retailer. Retailers, which often operate on thin margins, cannot afford to bear this type of loss.
Traditionally, stores have turned to anti-fraud solutions, which evaluate multiple signals during checkout. These tools analyze CPF, card data, email, address, behavior history, device use and hundreds of variables that, combined, generate a risk score.
If the system sees inconsistencies, the transaction is declined. However, this process is not perfect. Legitimate customers are also blocked, especially when something deviates from the standard, as happens when the bank issues a new card, or when the buyer changes their cell phone or address. For e-commerce, the silent loss of revenue caused by false negatives is accompanied by a direct impact on the customer experience: when a legitimate buyer is refused a purchase, the brand also loses credibility.
This is where authentication technologies begin to gain prominence. The 3D Secure (3DS) protocol, for example, allows the issuing bank itself to validate the buyer. The customer is directed to the bank's app, receives a push or SMS and confirms the transaction. This additional step creates unequivocal proof that it is the holder who is making the purchase, protecting the store from future chargebacks.
However, even with the evolutions to version 2.0, each bank implements the “challenge” in a different way, which directly affects the experience. Some flows are faster and more intuitive, taking just a few seconds to authenticate the user. Still others are confusing and poorly adapted to mobile, which can lead to friction and cart abandonment.
The good news is that version 2.0 allows silent authentication, without friction for the consumer. In this model, the store sends more data to the bank, which can automatically approve part of purchases without interruption and challenge requests, preserving the experience and, at the same time, increasing security.
The great advantage of this authentication is the so-called liability shift. When the transaction is authenticated by the bank, the responsibility for any possible chargeback due to fraud ceases to be the responsibility of the merchant and becomes the responsibility of the issuing bank. This reduces operational risk and improves financial predictability, two essential elements for growing businesses.
Another trend that has been consolidating in the market is the use of facial biometrics as a complementary layer of identity validation. Solutions such as IDPay, from Unico, take advantage of the database created during account openings at digital banks and large retailers to create a digital identity network.
When the customer initiates a purchase, using this feature, the system can confirm whether the face captured by the cell phone corresponds to the CPF used for the purchase and whether this same face is the holder of the card used in the transaction.
This process takes place in seconds and is usually more user-friendly than the 3DS authentication challenge flows of some issuers, especially in banks that do not yet have systems well adapted to the mobile environment. In addition to increasing validation accuracy, this approach allows merchants to approve transactions that traditional anti-fraud would reject. And, in cases of future disputes, biometrics provide powerful evidence that it was the owner who completed the purchase.
For companies that want to scale securely, the most effective path is to combine and orchestrate different tools, anti-fraud, 3DS and biometric validation. At Tuna, we have cases where the implementation of new tools increased approval by more than 20% by reducing undue rejections.
This integrated ecosystem reduces risk, increases approval rates, and protects the customer experience. In a competitive market with tight margins, buyer authenticity is no longer just a security measure: it becomes an essential strategy for boosting conversion, ensuring operational sustainability and building trust at each stage of the digital journey.
