info@3dsecurempi.com
+44.(0).870.490.8278

Visa Digital Authentication Framework (DAF) Program

Posted On: Friday, May 12th, 2023

The Visa Digital Authentication Framework (DAF) Program brings frictionless authentication, enhanced customer experience and higher transaction security.

Visa is introducing a new program called Digital Authentication Framework (DAF) which seeks to improve security and enhance the frictionless capabilities of 3DSecure Transactions.

How DAF works

When a merchant participating in the DAF program sends a 3DS Authentication Request including the DAF flag, the Visa directory will instruct the Issuer to not challenge the authentication. If the pan is being used for the first time, Visa will requires a step up challenge to take place before setting up DAF for future transactions.

DAF affectively binds a card number to a merchant. In this manner it has many elements that are in common with Tokenization, but without the added complexity; everything is managed by the Visa directory.

How does DAF differ from similar features already in the 3DS specification such as Merchant Whitelisting/Trusted Merchant Listing? The objectives of the two methodologies are similar but DAF is managed directly at the Visa Directory while Merchant Whitelisting is supported by the Issuer and therefore support will be more inconsistent across the ecosystem.

DAF is designed for improving security in markets where 3DSecure is not mandated or not in common use and transactions are processed without 3DS despite the fraud. It seems to provide a layer or security and authentication while maintaining a frictionless flow.

In Europe where PSD2 SCA applies to a transaction, a merchant/TR can only submit a transaction (domestic/intra-regional) under the DAF if:

  • SCA has been completed either:
    • Under the VDAP program
    • Under an SCA bilateral outsourcing agreement
  • or:
    • The transaction is eligible for an Acquirer SCA exemption

Rules for DAF

DAF is available in the form of a 3DS Extension and is supported from Versions 2.1 upwards.

Merchants must be registered to the DAF program and be accepted by Visa.

Visa will enable DAF on these two criteria:

    • The Issuer has confirmed the authenticity of the Payment Credential through Issuer identification and verification (ID&V) or
    • Visa has determined the Payment Credential to have a sufficient history of successful Transactions at a registered Merchant such that the Issuer has effectively validated its authenticity and the Payment Credential is uniquely associated with the registered Merchant or Merchant Token Requestor

Merchants who transact with Authenticated Payment Credentials and meet the DAF program criteria on qualified purchase transactions will receive fraud dispute protection in a frictionless manner on subsequent transactions.

Participating Issuers will enrol card ranges to support DAF. Issuers will provide SCA to setup DAF and will either accept a DAF enabled Authentication request frictionless or used Risk based authentication to decline the request.

Contact Endeavour to explore how DAF can work for your business.

Full support for major card brands and banks

Making eCommerce Safe

Be in the know

Industry news, events and major releases.

Endeavour will participate at Singapore Fintech Festival
Posted on: Friday 10th November, 2023

Let's talk Authentication and Tokenization in Singapore.

Benefits of Network Tokenization
Posted on: Wednesday 8th November, 2023

How Network Tokenization Leads to Higher Authorization Rates and a Better Customer Experience.

Endeavour is Attending Seamless Asia
Posted on: Tuesday 20th June, 2023

Let's talk Authentication and Tokenization in Singapore

Here to help

Questions? We've got answers.

Kindly note that we do not support cardholders wanting to activate 3D Secure on their card. Please contact your bank directly using the phone number provided on the back of your card.