We just raised a $30M Series A: Read our story

Broadcom Payment Security OverviewUNIXBusinessApplication

What is Broadcom Payment Security?

Find the balance. Payment Security delivers more secure online transactions with an excellent customer experience.

Card-not-present (CNP) fraud costs billions of dollars annually across the globe. Issuers, processors and merchants need new applications to fight back with security that doesn’t get in the way of business.

Broadcom has the answer. With our industry-leading authentication solutions, you benefit from:

  • The largest global consortium network of real-time transaction data
  • Patented predictive neural network models for highly accurate, real-time decision-making
  • Unsurpassed leadership in EMV 3-D Secure

You maintain full control over your authentication strategy, fraud systems and policies. Simply said, our solutions help you lower your costs and accelerate your business success.

Broadcom Payment Security was previously known as CA Risk Analytics, CA Transaction Manager, CA Payment Security Suite.

Buyer's Guide

Download the Fraud Detection and Prevention Buyer's Guide including reviews and more. Updated: November 2021

Broadcom Payment Security Customers

Eurocard

Broadcom Payment Security Video

Archived Broadcom Payment Security Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
JP
Consultant Fraud Risk Management at a financial services firm with 501-1,000 employees
Video Review
Consultant
We are using the product for 3D Secure authentication and fraud prevention

How has it helped my organization?

The valuable element is the data that I have. They have a lot of machine fingerprint data and that's data that we miss on non-3D Secure card not present transactions. We see a high value in that. With all the fraud rules that we built, we have a very good false positive ratio because of the big data that CA has.

What is most valuable?

We are using CA Transaction Manager for authentication and have CA's Risk Analytics for rules and case management. As an authentication method, we currently have static password + OTP via SMS (2-factor) and softOTP in our App. SoftOTP is an OTP generator within our own banking app delivered by CA. Soon we are going to migrate from SoftOTP to a new sdk that includes biometrics, also delivered by CA.

What needs improvement?

For CA Risk Analytics, we would like to have some statistics available, to do some counting on the number of transactions for example. Also, to have the ability not only for 3D Secure, but accross all online channels. Online banking and App.

Because then you would have three online channels. You would have the same device data, so you can combine it. So then you would have an online banking platform, an app, and 3D Secure all from one supplier. This supplier would support all of our authentication methods across those three channels.

That's our ultimate goal to have one supplier to support all three online channels.

For how long have I used the solution?

I think we started with this solution in 2003.

What do I think about the stability of the solution?

It's very stable. I know in the beginning when moving from static password to soft OTP there were some bugs. But that's normal. With every new solution, you have to tweak.

What do I think about the scalability of the solution?

Within the Netherlands, if I can speak about the Dutch market, a lot of Dutch internet merchants support 3D, but on a scale of all card not present transactions, only 25 to 30% of the merchants are 3D Secure for card not present transactions. But we would like to see that moving further so that all card not present merchants support 3D Secure.

How are customer service and technical support?

This is very good. We have been in contact because the technical team is in India, so we have a lot of contact with the people over there.

Sometimes, there is a bit of language issue of understanding problems. But normally, project managers who are there to deal with our issues speak very good English and there's a good relationship there.

How was the initial setup?

I think in some migrations from static password to SoftOTP, there was a large impact on cardholders. We also did a biometrics pilot together with MasterCard and CA and it went very smoothly.

What other advice do I have?

Card holders have to step up for authentication. The fraud rates dropped for card not present fraud. We see that the non-3D Secure fraud is rising as well as account takeovers. That's why I think it's very good to have such a product in place.

When selecting a vendor, I want them to be straightforward, do a lot of innovation, and be a step upfront of the issues as needed. I think those are the most key and important things that we expect.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user711591
Analyst at a financial services firm with 10,001+ employees
Vendor
I use this product to see the customer's previous IP addresses. It's pretty useful operation wise.

Pros and Cons

  • "I use this product to extract cases from there and then send it to Ops to review and analyze."
  • "I had wish it would be this one, this authentication for fingerprint and face would be promising."

What is most valuable?

I work under fraud analytics. So I use this product to extract cases from there and then send it to Ops to review and analyze. Then mark it as either fraud or genuine. And if we get bad IPs from there, I add it up to our negative IP list. So it's pretty useful operation wise, and also in terms of some inquiries from us, if a customer is disputing they didn't receive an OTP password on their online transaction, and then they're disputing that it's not theirs, and it's unauthorized, but it was a successful transaction,

I use this product to see the customer's previous IP addresses. If they used it genuinely before then we ask them again, that this IP address or this device was used genuinely on these so and so days. And how come they say it's unauthorized. Maybe check if it's your son who used your phone or so forth.

What needs improvement?

In other scenarios we would require if you are saying someone has ported your phone to get the OTP from your phone, please get a certificate from your network, something like that.

It's pretty useful for our daily online pretty secure needs. So I don't know yet, I don't know yet. I'm still new as an analyst, but if I had wish it would be this one, this authentication for fingerprint and face would be promising.

That will solve my problems with a customer saying they didn't authorize, they didn't sent that OTP, when in fact we saw that it's a successful one, and how can you prove that it wasn't you? Yeah. Will solve that problem.

What do I think about the stability of the solution?

I don't have any issues with stability.

They quickly respond to me, whenever I need help. It's not a show stopper for me, per se, but currently I know there's an issue with an IP address change that my colleagues in Manila can't access their website. They've been using it for five years though. But it's a conversation between the IP and the technology head in Manila to explain why their IPs has changed.

How is customer service and technical support?

For me they're really quick. if I need my password change, or I ask something urgently, I can get it.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
Find out what your peers are saying about Broadcom, InAuth, Featurespace and others in Fraud Detection and Prevention. Updated: November 2021.
554,873 professionals have used our research since 2012.
it_user711588
Fraud Strategy Manager - Cards and Digital at a financial services firm with 10,001+ employees
Vendor
Having a robust solution to manage your 3D security rules authentication strategies is very important

Pros and Cons

  • "In terms of the fraud that we see on the card site, card not present fraud, the person gives contribution to what the total fraud has increased substantially."
  • "Probably having more flexibility and working on usability and how we use the solution."

What is most valuable?

In terms of the fraud that we see on the card site, card not present fraud, the person gives contribution to what the total fraud has increased substantially.

Therefore, having a robust solution to manage your 3D security rules authentication strategies is very important. And that's, again, balancing customer experience with fraud, so that's where all this becomes important.

How has it helped my organization?

I definitely brought over a lot of my learnings from a previous company. I was already familiar with the interface over there on rules, etc. We were doing the space for authentication over there. So that's something, which I tried to influence once I started working here. Based on my knowledge, I've been able to get and write better rules over here and try to drag down challenge rates.

What needs improvement?

Probably having more flexibility and working on usability and how we use the solution. Obviously, the network that they are now trying to implement, which has information coming across the world, rather than looking at isolated information from your own bank.

I think those are the things that would make the solution much better.

For how long have I used the solution?

I joined my current company a year a and a half back, so I've been using this for a year and a half. But I was at Citibank in a different geography, so we had CA as well, so I was using it there as well. All in all, maybe five years.

What do I think about the stability of the solution?

I think stability-wise, we've not really had any issues in terms of stability.

Flexibility, yes. User, as in more user confederation options. These are the things, which we've been talking about, to try and see how these things can move.

So basically usability and flexibility.

What do I think about the scalability of the solution?

No, the market over here is such that penetration of 3D secure is pretty low, and that's not changed dramatically, so we've not really seen that increase in scale happen as of now.

But with the new protocol coming in, we definitely expect that over the next year and a half, two years, it should scale up. But I've seen this in another market, so I know that this solution is quite scalable.

How is customer service and technical support?

They're pretty quick to get on to whenever we have an issue of any problems, they're pretty good to get on to them. There were a couple of problems last year that we faced.

Their response time was amazing, but it took a lot of time to actually get the responses that we got were not really satisfactory, so it took a lot of time and alterations to get something fixed, which should have been fixed much earlier.
But in terms of engagement, at least people over here are pretty good as in they get on to your things straight away.

How was the initial setup?

It's pretty straightforward. The initial setup I don't think it's complex.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
it_user711585
Senior Vendor Manager Retail Products at a financial services firm with 10,001+ employees
Vendor
It enables the bank or the issuer to offer their customers protection on their online transactions. It also gives some sense of security to the merchants.

Pros and Cons

  • "For us, it enables the bank or the issuer to offer their customers protection on their online transactions."
  • "I think improvements for us, it's making it simple enough that anybody can understand how it works."

What is most valuable?

For us, it enables the bank or the issuer to offer their customers protection on their online transactions. It also gives some sense of security to the merchants, and it enables us to confidently accept that liability that comes over when both teams are playing. So when your issuer and your merchant are participating, it gives us a significant amount of control over accepting that risk.

What needs improvement?

Hopefully with 2.0, we are going to see improvements. I think improvements for us, it's making it simple enough that anybody can understand how it works. But then, that's having the ability to give us access to that really deep information. Again, in an easy manner. I think at the moment, getting into that rich data is quite an effort. I think if, moving forward once 2.0 comes in, there's going to be a real benefit in being able to communicate that complex data quickly and readily.

The process will look after itself. I think that that's there already but it's the insights that come from that. At the moment, they are quite complex and quite difficult to access. Possibly just from getting access to the information, but how it's represented, and how it's interpreted by the people that aren't eating and breathing fraud every day.

For how long have I used the solution?

It's been at our company since 2001.

What do I think about the stability of the solution?

No. So, we haven't had materially any downtime. In its current state it's quite, sort of, basic. I don't think it's sort of fraught with uptime, downtime issues. We haven't had a lot of issues with it.

It's probably more so the peripherals around the outside, like accessing user interfaces, those sorts of things. But the actual transaction platform, no.

What do I think about the scalability of the solution?

Probably within the last couple of years, we added in more of our portfolio. So, we initially only had a certain number. We've added in the debit product, and we've added in commercial product, but that's only because we were sort of forced to. We probably wouldn't have put the commercial on there otherwise.

How is customer service and technical support?

Within the last 12 to 18 months, tech support has been probably less around tech support, but tech, like, technical assistance. Because it doesn't really go down, there's not really a lot of tickets that are raised. But technical assistance when we're asking technical questions has been really, really good.

We've got really good response times back for some technical questions. Because we touch it so infrequently, it's not like for the business that I sort of look after, it's not something that you touch every day. So you will have to go back and, what does that mean, again? How does that work, again? And so the response has been very, very good.

How was the initial setup?

We haven't really faced any challenges. I think a couple of times some changes have been made and once, believe it or not, the CA team were ahead of time, and they implemented sooner than we thought. And so it had very bad flow and effects for us. So, it was "Back it out." But, no. Everything that the tech support has been good in whatever they're doing technically.

To be honest, we don't notice it, so I would argue that if we're not noticing it, if they're telling us there's outages, we're not seeing it. It's not impacting us, so it must be good.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
it_user711582
Senior Manager, Cards Value Added Solutions at a financial services firm with 10,001+ employees
Vendor
The value that we get out of CA is their effective scheme diagnostics.

Pros and Cons

  • "I think for us, the value that we get out of CA is their effective scheme diagnostics."
  • "This solution can improve around the challenge rates and the failures."

What is most valuable?

I think for us, the value that we get out of CA is their effective scheme diagnostics. It can be utilized by any scheme issue for us. Then, the fact that it's quite similar in a sense that there's not really a lot of onus on us to manage the service itself.

CA does a great job of being able to manage it in and of themselves. They then come to us with issues if there are any other suggestions where they feel as though we could improve.

What needs improvement?

This solution can improve around the challenge rates and the failures. I don't know if that's necessarily incumbent on CA to solve that problem. I think it's more of an industry problem, so it's not necessarily the solution itself that needs to be improved. It's probably more around us as an industry focusing on education, the data integrity, and a few other aspects.

For how long have I used the solution?

Since February 2015.

What do I think about the stability of the solution?

I'm not as close to this part as my other colleagues, so I sort of sit in the business of managing the P&L and then you've others who look after the operational side of this. However I have to say that not once can I recall stability concerns since we've been on board with CA.

How is customer service and technical support?

The majority of my interactions were when we were first on board with CA, those interactions there as there should be. Then we recently sort of re-established, quarterly reviews so to speak, just business reviews. Then now in light of 2.0 there's been more engagement with CA, as there should be.

That's the right frequency, so to speak. You consider the scale of our business and their business relative to what we do. It seems to be adequate, certainly for myself. I think they engage more frequently with management because they are using things that they're trying to develop. It seems as though from what I hear from them, the relationship is managed well and it's managed the way it should be.

How was the initial setup?

It was, from what I understand, quite complex. We're moving from one scheme managed to a phased solution, to three schemes. It ends up being a great solution and it's resulted well for us.

Frankly, it is quite complex when you have multiple parties. Any delivery is more complex when you've got multiple parties collaborating to achieve a common goal, when you've got different staging environments and different release cycles and whatnot that you have to manage as well. So I would say on the scale of things it was quite complex.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
Supplier3a9e
Supplier Management at a financial services firm with 10,001+ employees
Real User
We are able to see fraud transactions and the subsequent realized losses.

Pros and Cons

  • "The service works as described, the Admin console is very good along with customer service, and"
  • "The service is improving with the implementation of 3D Secure 2.0."

What is most valuable?

The service works as described, the Admin console is very good along with customer service, and the management support, which is excellent.

How has it helped my organization?

Our organization is able to see fraud transactions and the subsequent realized losses.

What needs improvement?

The service is improving with the implementation of 3D Secure 2.0.

For how long have I used the solution?

I have used this solution since February, 2016.

What do I think about the stability of the solution?

There were no stability issues, the SLA uptime percentage has never dropped below 99%.

What do I think about the scalability of the solution?

There were no scalability issues.

How is customer service and technical support?

Technical support is excellent, I would rate it a 10 out of 10.

What's my experience with pricing, setup cost, and licensing?

Utilize the transaction pricing model versus the active cards because the ability to monitor active cards hasn’t been good.

What other advice do I have?

The reason I gave my rating of a nine was on the basis of us not having clear visibility into our billing structure. The original contract was based upon active cards, which is the number of cards that is stored in CA’s database system. Once a card is in the system, there is no way to validate whether that card was actually utilized during that billing month or not, yet the customer is charged for that card being stored. We also do not have an ability to remove the cards without implementing a $20K software module, which we really didn’t need because the software module primarily performed other functions but deletion of cards was just one of the many functions.

With no ability to validate activity, no active reporting to determine the validity of activity, and no ability to remove cards that would be considered inactive, lost/stolen, our costs increased month over month. I worked with the CA management team to revise the pricing model; but to me that is what needs improvement. The pricing construct can be very cumbersome.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user701712
IT Manager at a financial services firm with 51-200 employees
User
It has added another layer of security in which it reflects customers' confidence in dealing with our organization

What is most valuable?

All of the features are valuable in my day-to-day work.

How has it helped my organization?

It has added another layer of security in which it reflects customers' confidence in dealing with our organization.

What needs improvement?

We need more improvement in the Arcot console, which is used in monitoring 3DS transactions for example caching real time transactions rather than getting them after two or three hours.

For how long have I used the solution?

Six months.

What was my experience with deployment of the solution?

No issues with deployment.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

No issues with scalabiility.

How are customer service and technical support?

The technical support is great.

Which solution did I use previously and why did I switch?

No, this is the first time.

How was the initial setup?

The setup for this product is very straightforward.

Which other solutions did I evaluate?

No, this is the only product we looked at.

What other advice do I have?

I advise anyone that is looking for a payment security product to choose this solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user650394
Global Head of Fraud Management at a financial services firm with 1,001-5,000 employees
Video Review
Real User
The performance from my organization's perspective is excellent in terms of minimizing the friction on genuine transactions with genuine customers

What is most valuable?

I think the performance from my organization's perspective is excellent in terms of minimizing the friction on genuine transactions with genuine customer, whilst optimizing the bad transactions, the fraudulent transactions that it stops. It achieves a tremendous balance.

How has it helped my organization?

Customers want to be able to use their cards online in a manner which is fast but secure and minimizes friction, so the solution that we have from CA means we can achieve that objective.

For how long have I used the solution?

I've been using them now for a couple of years, but have been using similar solutions for over 15 years.

What do I think about the stability of the solution?

I'd say it's been consistently stable, very minimal downtime, absolutely. We've been really happy with that.

What do I think about the scalability of the solution?

Certainly, our experience has been that as the business has grown in terms of volume, but also we've put other countries, other regions across the world onto the solution as well, which is added volume. I've not experienced any issues with that increased volume, so I'd have to say yeah, it's meeting our scalability needs.

How are customer service and technical support?

This is the one area where there's room for improvement. This is information I've fed back to CA already. I think that is the one area where improvements can be made in terms of speed of response, in terms of quality of response, and in terms of more so a proactive problem monitoring.

Which solution did I use previously and why did I switch?

This is a particular area of CA strength, is their customer focus, ability to work with you and change. I talked earlier about working with CA to deliver an innovative solution that works across multiple geographies. I've found in other solutions, it's more of a kind of one-size-fits-all approach, less customer-focused. You know, "This is our solution and you need to change to use it," as opposed to the CA approach was much more flexible and responsive to change.

How was the initial setup?

That's a difficult one for me to answer, because from most customers' perspective, it would be quite straightforward. We have a very complex business in terms of the countries that we operate in, meaning that we need to offer the solution in multiple different languages. We're in different markets that have different regulation, each one has different regulation, so there's a lot of challenges there for our business, but I think CA have done a really good job in terms of helping us through that, so we've managed to keep a standard solution that fits all of the needs of those different markets. I think we've got quite an innovative solution as well for those customers that may be looking to operate in multiple countries as opposed to one particular market.

What other advice do I have?

I would certainly recommend CA over other solution providers in this space for the reasons that I mentioned in terms of being very flexible and responsive to the customer's needs, having that experience now of being able to operate across multiple geographies, and looking to constantly invest and improve the performance of the solution as well.

I think that many of them are on the roadmap already in terms of making the solution work better in the mobile space, investing in collecting device information, more device information, more transaction information to improve the predictability in terms of the score of transactions to keep increasing the percentage of transactions that don't require customer authentication, while stopping more of the fraudulent ones and trying to get that balance as optimal as possible. Investing in the science behind that, the data behind that, making it work with more and more types of devices, bringing in touch ID, bringing in other forms of biometrics as well to make that customer journey much easier.

I would rate it with a nine right now, and I think the reason for that is I do think there's room for improvement in the technical support space. I think if CA can get that right, it could easily be a 10 right now.


Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user651792
Service Manager at a financial services firm with 10,001+ employees
Video Review
Real User
We were able to give improved customer service and fraud prevention.

What is most valuable?

We found that we were able to give much improved customer service and improved fraud prevention. It improved commercials. Commercials were a big factor. The opportunity to do an improved customer service offering in changing the way that we approached the process, almost shaking it up a little bit, and having an opportunity to rethink what we did.

What needs improvement?

Keep them what they are doing at a time when they are growing to be able to keep that one to one support for us when other people are starting to come aboard and realize the benefits of moving to CA. We want them to be able to keep up that level of relationship management with us.

There is always room for improvement, but we really don't have any complaints in our office. We work well with CA.

There is always room for improvement. For example, there have been service outages/incidents and work has to be chased, for completion or comment

For how long have I used the solution?

Our first anniversary is coming up, so one year.

What do I think about the stability of the solution?

It is all within our contractual SLA. Anything that we had, has been a blip. How that has been handled has been brilliant.

We've had a lot of attention on any small bits that we had to report in. We've been hand-held throughout. We've had regular meetings, one to ones. It's all been great.

We are in the process of collaborating with CA at the moment on a proof of concept for further developing our syndication in the long term to further enhance the customer experience.

How is customer service and technical support?

They are excellent. They do one to one marking. Their reaction to our needs, whether it be from email queries, full on technical support, or running proof of concepts; their ability to work with us is great. We really feel that we have got a one to one relationship management setup with them. They're brilliant.

How was the initial setup?

The migration was very straightforward. I think, all-in-all, it took us about 12 to 15 weeks, post-contract, for us to migrate. So, it was very easy, with a lot of support.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user651801
Project Manager at a financial services firm with 10,001+ employees
Video Review
Real User
We have functionality for challenging fraud and risk analytics.

What is most valuable?

We currently are migrating to CA. We're coming from a legacy model. We only have simple functionality, in terms of what we are going to do for challenging fraud.

Overall, there's a strategy to reduce that. It's kind of a new within our commercial book. CA has been recognized as being the leader within the commercial sector. Hence, there's a move to move towards these best practices.

What needs improvement?

Unifying operational changes around highlighting. If you highlight one item, it will highlight the one card that's affected across the board.

Unifying that functionality across all areas of the components that operations would use would be really good, giving them a great landscape to work with. Can you see all of it on one screen and is it clear?

One thing we are going through right now is looking at the legacy system and seeing where that information from the audit area would be getting back to an agent.

They are used to seeing something that they're adopting in the new system. Are they going to see the same thing? If not, do they need to see it?

Challenging the operations as well, rather than just saying, "The product doesn't give us what we need, therefore, we need to change it".

What do I think about the stability of the solution?

The legacy platform's been there for 13 years. The improvements we've done from the colleague or a customer side of things has been limited. I joke when it says your Internet Explorer options needs to be 5.5 and above. That gives you some idea of how often we update the site.

For customers and colleagues, there's a good length of engagement we've had with them to make sure that they are fully immersed in what we're doing.

The reduction in operational impacts improves customer journeys. We have got a whole emphasis that the organization works for, of bringing in more digital experience to customers, as most probably the industry has as well.

What do I think about the scalability of the solution?

RTS feedback today says you've got to look at virtual and pre-paid. We would keep the working assumption that it wasn't going to be in scope for us and that it was just going to be physical.

Virtual is possibly our largest growing segment within the commercial portfolio. We concert more business and large corporations. It's very diverse.

The scale of it is in terms of options we can give to customers, in line with operational impact against the fraud reduction will be absolute paramount to what we need to do going forward.

How are customer service and technical support?

It's purely been from a technical implementation respect, but we had a few curve balls thrown at us by our own internal governance. They have literally taken everything on board and said, "We can't do it this timescale, but we can work to this".

So, it's constantly proactive. We're constantly engaging with them backwards and forwards and saying, "Can we do this?" We always throw the curve balls at them. We always were, especially, with the new releases.

We're doing this for our third-party as well. As a team, it's successful with everybody playing their part and they have been there at the forefront defining new stuff, suggesting things around strategy where we don't have the experience, and we don't have the current data. It's a fresh book that we are looking at.

Which solution did I use previously and why did I switch?

Let's put it this way, it's like going from Larder to a Ferrari. People laugh when I say that, but at the end of the day, it's more intuitive.

The customer experience is better. We are going for a light to light design to where we are still using impartial password. But, it gives us the foundation to move forward into something that we want to do and know where the business wants to go. We're seeing it as a commercial opportunity above and beyond the fraud savings that we're looking to generate.

How was the initial setup?

There are a few unique things that we're looking at around access controllers for internal purposes, for audit. It's not an out-of-the-box functionality. We don't have reports. It's got to be automated.

Again, it was a new requirement. We've put it across. These guys are working to do it and our US operation has requested the same thing, because it came across the group and they are working with us.

They want to put this on their roadmap and say, "How can we facilitate you?" Considering as we're a new customer, we'd talk about the innovation that they're doing around risk analytics.

I think if we had gone to the old systems, our operational errors might push back a lot harder. But seeing what they are doing within it and the support we do get with the training and the level of engagement, they want to support us with the strategy where we might not have that skill set yet.

We're building as a new team. They have been absolutely paramount of any conversation we have with the business.

What other advice do I have?

The way I see it, with the MI coming up to bat, that is what will drive anything, whether it's a customer journey, an operational change, or just the fraud strategy and the engagement.

From a professional element, knowing their stuff and just seeing them today talking from a data science perspective, these guys know what they're talking about. It seems really, really engaging.

When looking for a vendor, I look for communication and innovation.

Communication: Somebody you can actually work with, talk to, and get along with. We're not developing any code ourselves. The implementation changes that we are doing are literally being done between a third party vendor and a strategic partnership with CA.

We are the customer, but we are working alongside them, because obviously the operational impacts and building the strategy is from the ground up.

And you need to put scheme involvements in there. There are five third-parties that I'm dealing with on a day to day basis. CA has very much unified that. They have brought their experiences together with the schemes books. We own that relationship, so we have to drive the changes.

We couldn't ask for anything more, really. They really have unified that element given their experience. Going forward, we are looking to build our own roadmap against what regulation changes are coming up.

If it all goes well and we get our numbers down, then we can talk again for a higher rating.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user651795
Head of Strategy and Vendor Management with 10,001+ employees
Video Review
Vendor
A solution that protects the bank and their cardholders.

What is most valuable?

For a bank, we've seen transactions move to e-commerce. We needed a solution that would protect the bank and protect the bank's cardholders, and that's what this solution gives us.

What needs improvement?

I think some of these are outside of CA's control. We work in a regulated environment, so we've got our financial regulators setting standards. We've got the major card scheme setting standards for us. It's really how CA can respond to those changes that we see coming down the tracks from the schemes or from the regulators. It is how CA shapes their products to meet those changes.

For how long have I used the solution?

We've been using this solution for about five or six years, and we've made some changes to it in the last year or two.

What do I think about the stability of the solution?

It's quite stable. No solution is going to be 100% up, but in terms of what we've seen, we've been quite happy.

What do I think about the scalability of the solution?

For our bank, we've experienced rapid growth and transaction volumes. We've seen no issue with scalability.

How was the initial setup?

They would have had their pre-sales team in to our technical resources. Once you have got yourself, as a bank or as a company, set up so that you can work with them, that's when you actually get the benefit.

It's important to get the skills transfer when you're going live. The CA guys clearly know their solution. It's important that your own teams get that knowledge when you're going live.

Which other solutions did I evaluate?

We've been happy with CA. We're aware of other solutions, but we haven't looked at them.

What other advice do I have?

They need to do their own research and understand what issues they're trying to fix in their organization. Different organizations have different issues that they want to fix and remediate.

Once they identify those issues and they're clear about what they're fixing, then you can work with CA to target the product to fix the problem that you're trying to address.

They are a leading company in this space. I think we've been very happy with this solution. Their expertise is very good.

When selecting a vendor for any solution, you're looking for the right product set and the right price, but critically, you're looking for the right people. Not everything works out to be as smooth as you'll always hope for. You really need a relationship that you can fall back on and actually discuss issues when they arise and fix them.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user651798
Customer Services Manager at a financial services firm with 10,001+ employees
Video Review
Vendor
The valuable features are the security and protection it offers our customers. The one complaint is the lack of a mobile signal.

What is most valuable?

It's the security and protection it offers our customers. They trust it. I know sometimes people will say that verified by Visa can be an inconvenience, but our customers like to use it. They like to see it on the screen, so that is a big benefit for our customers.

What needs improvement?

Where we are based, we are very rural, so the mobile phone signal can be very poor. There's something like adding LTP to your landline would be perfect for a lot of our customers.

That's the one complaint we have had is the lack of mobile signal. They won't get their LTP so that would be a big step forward for us. It's something we've discussed with CA. They know that it's something we're interested in so hopefully we'll work with them on that in the future. That will be a big plus.

It's more the fact the mobile signal isn't that great and you've got to move with the times. SMS technology is the way to go. If there's something unique that we could offer our customers, that would give them the confidence in us as a business. That would really help.

Apart from that, I've got no negatives to say really. It's just if they could offer something specific for our customer base. That would be really good.

For how long have I used the solution?

We have used this solution about five or six years now.

What do I think about the stability of the solution?

That's one of the things in the contract is the SLAs and they ticked the box every time. So I have no concerns around that whatsoever. They're spot on.

What do I think about the scalability of the solution?

It has grown. We moved from the initial implementation to use LTPs just a year and a half ago so that was part of the same solution.

Again, that's been a big win with our customers and that is more scope for us to move on with regulation over the next year to a year and a half, so definitely CA offer what we need.

How is customer service and technical support?

We don't get in touch with them that often because the service is so good. But the email contact is spot on. We get a quick turnaround.

We do get advised of upgrades well before anything happens. So far, with the limited touch point we've had with them, I can't fault them either.

How was the initial setup?

That's a difficult one for me because I wasn't with the firm when implementing the first rollout. But the second phase was very good. The support that we got from the project side for the business was excellent.

I can only assume it was as good first phase. Otherwise we might have looked at other products or another solution. I haven't heard anything untoward about the first implementation.

What other advice do I have?

It depends on the scope and the size of your business. For us, being small, we're a small firm, Transaction Manager ticks our needs. But if you've got a bigger customer base, maybe more cards out there, maybe more fraud, CA can offer all the tools and technology that you need.

I would choose the tools that you want based on your customer needs, not your fraud loses. There's no point in spending thousands of pounds on a huge solution when actually one of the smaller solutions can meet your needs. We found that quite valuable for us.

It sounds funny, but when looking for a vendor, we've got to get on with the firm. We've got to have a similar culture to our business. Come and visit us. We're quite remote where we're based, so I think to come and have a face to face meeting, that's a big tick in the box without all these conference calls. If CA would do that for us, that's a big win.

We have to get on with the sales person and the project managers. We like the close relationship. That's part of our business is financial services. It's dealing with customers and we like that from our vendors as well. We like the close relationship. That's probably one of the biggest things we look for.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user613569
Vice President at a financial services firm with 501-1,000 employees
Vendor
The cardholder configurations and reporting options are the most valuable features. There are consistent issues with registration and usage of the product.

What is most valuable?

The cardholder configurations and reporting options are the most valuable features.
The user interface is easy to follow and the available options are useful.

What needs improvement?

An area of improvement for this product would be the ability to view more transactional data to determine the cause of a failed transaction. The current data fields are very limited.

Also, the cardholder experience is not so user-friendly. There are consistent issues with registration and usage of the product.

For how long have I used the solution?

We have utilized this product for a little over 18 months; less than 2 years.

What do I think about the stability of the solution?

We have not had stability issues.

What do I think about the scalability of the solution?

We have not had scalability issues.

How are customer service and technical support?

The technical support team is professional and attentive to our needs and concerns. Issues are resolved in a timely manner with the appropriate follow-up.

Which solution did I use previously and why did I switch?

We didn’t have a previous solution. We converted as a MasterCard customer.

How was the initial setup?

Setup was straightforward, but I’m not sure if that was because we were a MasterCard customer using the service already.

What other advice do I have?

At this point, I would implement other options due to improvements and MasterCard regulations regarding Identity Check and 2.0.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user591873
Project Manager at a financial services firm with 501-1,000 employees
Vendor
Helps us ensure e-commerce transactions come from valid sources.

What is most valuable?

E-commerce security validations and reporting.

How has it helped my organization?

The risk of fraudulent transactions increases when the transactions are done online (e-commerce).CA Transaction Manager helps us ensure the source of e-commerce transactions is a valid merchant and customer.

What needs improvement?

The deployment process needs to be updated to ensure the base code does not involve details of other clients.

For how long have I used the solution?

I have used it for around 5-6 years.

What do I think about the stability of the solution?

We did not encounter any issues with stability.

What do I think about the scalability of the solution?

We did not encounter any issues with scalability.

How are customer service and technical support?

What is most valuable?

E-commerce security validations and reporting.

How has it helped my organization?

The risk of fraudulent transactions increases when the transactions are done online (e-commerce).CA Transaction Manager helps us ensure the source of e-commerce transactions is a valid merchant and customer.

What needs improvement?

The deployment process needs to be updated to ensure the base code does not involve details of other clients.

For how long have I used the solution?

I have used it for around 5-6 years.

What do I think about the stability of the solution?

We did not encounter any issues with stability.

What do I think about the scalability of the solution?

We did not encounter any issues with scalability.

How are customer service and technical support?

I rate technical support 4/5.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

How was the initial setup?

Initial setup of the solution proposed is straightforward.

What other advice do I have?

This is a good product, which is easy to deploy and has lot of user friendly features.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user590445
Head of Card Operation at a financial services firm with 1,001-5,000 employees
Vendor
Ensures security for online card transactions.

What is most valuable?

This solution has ensured 100% security for our online card transactions.

What needs improvement?

We are still unable to implement OTP through email using this solution. That is probably because we are using a Gmail server for sending email. However, I would like to find a solution to send OTP through our email server.

For how long have I used the solution?

We have used this service for about one year.

What do I think about the stability of the solution?

We have not had any stability issues yet.

What do I think about the scalability of the solution?

We have not had any scalability issues yet.

How is customer service and technical support?

I would rate technical support very high. We have faced very few technical issues, but we received prompt support every time.

How was the initial setup?

The installation was straightforward without any hiccups. CA assigned an experienced project manager for us who guided us expertly. We were able to implement the solution smoothly.

What about the implementation team?

At present, we are using ACS server of CA for our 3D Secure Transactions.

This solution is used for our card-not-present transactions. During
transactions, ACS sends a One Time Password (OTP) to the cardholder for verification.

We wanted to send this OTP to the cardholder through both
Mobile and email. We have implemented only OTP through mobile. OTP
through email could not be implemented due to 2 steps authentication in our
email server (we are using a Gmail server).

We are going to use our own email server domain instead of Gmail server.
Once it is done, we would like CA to help us to implement the OTP
sending through email.

What's my experience with pricing, setup cost, and licensing?

I would advise others to go for CA products. The pricing is reasonable.

Which other solutions did I evaluate?

We evaluated other products. One of them was SunGard’s Ambit and the other one was from a local vendor name Aamra.

What other advice do I have?

Card issuing/acquiring institutes must implement this product to secure their cardholders. The CA solution is a world-class product and others should consider using this solution.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
ITCS user
Digital fraud strategy manager at a financial services firm with 10,001+ employees
Vendor
Versatility in rule variables allows for customization and optimization.

What is most valuable?

The valuable features are:

  • A robust DeviceID technology.
  • Real time rule writing.
  • A high level of versatility in rule variables that allows for a greater degree of customization and optimization.
  • Strong model performance that allows you to focus on prevention rather than detection.

How has it helped my organization?

This product has improved our organization as follows:

  • Helped reduce 3-D Secure losses to one of the lowest in the industry while having minimal customer impact.
  • Enabled us to cut the 3DS losses in half, while declining 33 basis points of transactions. Twelve basis points of the 33 was fraud, i.e., a false positive rating of 1.8 to one.
  • Developed new operational processes on the back of additional intelligence provided by the system. This helped reduce account takeover.

What needs improvement?

All 3DS systems assess the risks of all transactions, including closed cards. This drives additional workload for operations. Having said that, CA’s partnership with several authorization providers, such as TSYS, will help us to eradicate this issue.

These 3DS secure systems act independently from a bank’s man authorisation system ( Falcon, TSYS, SAS Raptor etc), and as a result they end up in position where they end up attempting to authenticate transactions that are closed card as they have no visibility of these type of statuses.

This essentially means that these fraud system generate alerts on closed card , wasting operational resource. This is the same for all systems in this space inc RSA.

Having said that there have been recent developments in this space that have allowed authorisation platform to work together with the 3DS system via an API. Meaning that the 3DS system can pass the data to the Authorisation system who in turn will make the decision, instead of the decision being made via a 3DS platform. One example of this is the TSYS/CA relationship.


For how long have I used the solution?

I have used this solution for six years across multiple organizations.

What do I think about the stability of the solution?

In the first two years, there were several issues with stability. In particular, there were card numbers that were not always visible. However, these issues disappeared around 2014 when CA decided to get more resources to assist them with system management.

What do I think about the scalability of the solution?

There were no issues with scalability. The first bank group I worked with started with 8 million cards being covered. This was expanded to 16 million with no detrimental issues.

How are customer service and technical support?

Of the third-party providers that I have worked with, the technical support of this solution is up there with the very best. They are easily approachable. There is no risk of your issue getting lost in an operation center. The relationship managers are very hands-on. As a result, it feels like they are on the journey with you.

Which solution did I use previously and why did I switch?

We used RSA as an alternative solution.

How was the initial setup?

The setup itself was fairly easy, with plenty of support from the project team in regards to testing. The main challenge was internal, where operation sites required training and were hesitant in changing their way of working. CA offered project management resources in the event that the bank needed support to train their staff.

What's my experience with pricing, setup cost, and licensing?

The price is very competitive. If you deal directly with CA, they are considerably cheaper than the competitors. This may vary in cases where they partner with an authorization platform such as TSYS or FICO. In these scenarios, you may notice a premium hike on your setup and monthly running costs.

Which other solutions did I evaluate?

We reviewed RSA Adaptive Authentication for eCommerce.

What other advice do I have?

Have a dedicated project manager who will be responsible for direct dialogue with the CA project manager. Ensure that all stakeholders go to that single point of contact to avoid any potential slowdowns.

Make sure that all CA Risk Analytics data is pushed into your data warehouse daily. The out-of-box tool kit is good for providing a high-level view. However, you cannot carry out in-depth analysis. To do this, the data must be pushed to your data warehouse where you can run analytical tools such as SAS to identify patterns and recommend new rules.

Disclosure: I am a real user, and this review is based on my own experience and opinions.