- Merchant Plug-In
A Merchant Plug-In (MPI) is a software module designed to facilitate
3D-Secure verifications to help preventcredit card fraud . [cite web
url=http://usa.visa.com/merchants/payment_technologies/tech_vendors_vbv.html
title=Visa USA Merchants Verified by Visa
accessdate = 2008-09-25 ] The MPI identifies the account number and queries card issuer (Visa,MasterCard , orJCB International ) servers to determine if it is enrolled in a 3D-Secure program and returns the web site address of the issuer "Access Control Server" (ACS) if it is found. [cite book
last = Bidgoli
first = Hossein
title = The Internet Encyclopedia
publisher =John Wiley and Sons
year = 2004
isbn = 0471222038 ] Merchants are responsible for installing an SSL/TLS MPI at their servers.cite paper
author = Jarupunphol, Pita
coauthors = Mitchell, Chris J.
title = MEASURING 3-D SECURE AND 3D SET AGAINST E-COMMERCE END-USER REQUIREMENTS
url =http://www.isg.rhul.ac.uk/~cjm/m3sa3s.pdf
accessdate = 2008-09-25 ]Each card issuer is required to maintain an ACS used to support cardholder authentication. A customer authenticates to this ACS by providing their
username andpassword and the ACS signs the result (success or failure). This signature is then passed through the customer's browser and to the MPI. The plug-in verifies the ACS signature and decides if it wishes to proceed with the transaction. [cite paper
author = Balfe, Shane
coauthors = Paterson, Kenneth G.
title = Augmenting Internet-based Card Not Present Transactions with Trusted Computing
url =http://www.isg.rhul.ac.uk/~kp/CNP.pdf
accessdate = 2008-09-25 ]Commercial MPI software is available from a number of merchants.
See also
*
3D-Secure References
Wikimedia Foundation. 2010.
