The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) has recently released a draft document addressing cybersecurity issues in the consumer-facing/retail sector. Since the transition to EMV technology in October 2015, retailers must bear the cost for fraudulent, card-not-present (CNP) transactions. Reducing e-commerce fraud in CNP transactions has therefore become a top priority. The NCCoE document sets forth potential methods to reduce the risk of online fraud through the adoption of multifactor authentication mechanisms.
Through collaboration with retailers and cybersecurity solution providers, the NCCoE hopes to develop an example solution that will effectively identify and authenticate online purchasers. NCCoE experts also aim to produce a practical guide for the public to aid in the adoption of multifactor authentication mechanisms.
The NCCoE is seeking feedback and public comment on its draft of the Multifactor Authentication for e-Commerce Project Description to assess its overall feasibility in CNP transactions. Comments can be submitted through the NCCoE website through June 3, 2016.