any internet device, any card scheme, anywhere : identify your customers, authenticate transactions, mitigate risk.
Automated & Remote: AML/CTF KYC Compliance,
revenue assurance
& anti-fraud

Maximise revenues, minimise losses, avoid chargebacks, automate anti fraud processes, identify the customer.

Eliminate fraud and grow your online business. iSignthis Ltd (ASX : ISX) offers Merchant Protect, our unique, patented solution that can authenticate all credit or debit card transactions originating from any card scheme and issuing bank combination. We achieve this by establishing Evidence of Identity (EOI), linking the account owner to any specific transaction that is required to be authenticated. Our EOI process is remote, automatic, scalable, and incorporates the issuer's security systems using our patented 'out of band' process.

This process can be used to remotely identify customers to meet AML/CTF legislation KYC requirements.

Merchant Protect secures the Card Not Present (CNP) space, and provides complete authentication coverage across all card types, no matter where the transaction originates.

PSPs and Merchants : Don't go down the route of expensive and difficult integration with card scheme specific solutions such as Verified by Visa or Securecode. By using our authentication service and mitigating your fraud risk profile, there is now no need to limit the card schemes you may safely accept and process on behalf of your customers.

As e-commerce becomes increasingly global, business needs confidence to transact with customers located anywhere. Expanding reach is critical, as is prodding the widest range of schemes accepted. Merchant Protect allows PSPs and merchants to confidently grow their CNP transactions originating from any IP device or smartphone. We assist you and your eMerchants to expand reach whilst increasing confidence and trust.

Cardholders are presented with an intuitive registration process to enroll their card and link their mobile phone. Subsequent or follow on authentication is via one time password sent by SMS to the linked phone and confirmed back to us by the cardholder. We can also incorporate soft or hard authentication tokens, and will interface with Open Identity Exhange (OIX) protocols. Our EOI process can bind your choice of technology to the identified person.

Merchants can now transact cross border and with foreign customer with confidence, with risks mitigated via our completely automated authentication process.

Importantly, we provide a solution that authenticates transactions originating from any card scheme, via a single integration at the PSP (or larger merchants).

Merchant Protect is a card scheme agnostic authentication system, that opens up global opportunities whilst reducing fraud.

Merchant Protect & iSignthis Services.

  • Merchant Protect AF: Payer authentication, revenue assurance & anti fraud service for eMerchants. A risk based scoring system is also available in order to streamline transaction flow.

  • Merchant Protect KYC : Customer due diligence to meet KYC in accordance with AML/CTF requirements. A service for eMerchants who provide designated services and are AML/CTF obligated/reporting entities. This includes online providers of gaming/wagering services, telco's, stockbrokers, loans, credit and insurance.

  • Merchant Protect KYC + AF: Customer due diligence and anti-fraud service. A powerful combination of KYC to onboard customers, pus ongoing due diligence and transactional anti-fraud.

  • iSignthis Authenticator : Strong Customer Authentication to meet ECB's February 2014 / EBA's December 2014 Security of Internet Payments ('SecuRE Pay') for PSPs, including gateways, acquirers and issuing institutions.

  • iSignthis EOI : Soft Token EOI for binding a person's identity to eWallets & mWallets, or, for operators of authentication services, electronic-ID (e-ID), social media or trust frameworks.

  • See also iSignthis Ltd website .


      Latest Technology

      Regulatory Compliance

      Meets the European Central Bank's (ECB) February 2014 / EBA's December 2014 requirements for strong customer authentication for the SEPA/EU28 Security of Internet Payments. The iSignthis services assist operators to comply with the US FDIC Guidance on mobile payments and US FFIEC 2011 Guidance on Authentication.


      Rapid Deployment


      Single point integration at PSP or Merchant via cloud solution. One integration for all card types, providing global protection for merchants and cardholders alike.



      More than 30++ Card Schemes

      No pre-enrolment of card necessary - natively authenticates any card, from any issuer, from any card scheme (AMEX/ JCB /Visa/ MasterCard/ Discover/ China Union Pay/ Diners/Carte-Bancaire). A card scheme agnostic solution that provides global card coverage.


      High Sales Conversion rate

      Negligible Abandonment

      No pre-checkout friction. No additional pre-sale completion key strokes. Customers don't leave the merchant's website prior to checkout. These factors mean a negligible abandonment rate and far fewer lost sales.


      Strong Authentication via EOI

      Using issuer's KYC

      iSignthis uses standard payment transactions and embeds one time passwords within the data message to initiate the EOI process. These OTP's are transmitted 'in band' during transaction processing, and are available only to the card holder by accessing their mobile, telephone, online, ATM or OTC account. The cardholder response is decoupled for security via an out of band response consistent with the US FFIEC 2011 Guidance on Authentication.


      Preserve Customer Privacy

      Uses the Issuer'S Security

      No request for personally identifiable information (PII) from merchants or their customers. The system relies upon the issuing institution's portal security and face to face KYC. Only the account owner can authenticate transactions, whilst not being required to disclose any PII (other than standard payment data) or completing any intrusive sign up processes.


      Intuitive and Effective


      Cardholders are challenged to access their familiar and trusted banking portals to retrieve the OTP's. It also minimises revenue leakage as well as mitigates fraud. Operational costs are reduced by the automating of manual KYC or anti fraud checks.


      Liability Shift


      PSPs and merchants now have an alternative authentication system to 3DSecure which provides automatic global coverage without requiring pre-enrolment, whilst meeting the ECB's February 2014 requirements.

      iSignthis also complies with consumer codes such as the Australian Securities and Investment Commission's ePayments Code.

    iSignthis :
    Remote, software based strong customer authentication for CNP payments; KYC & EOI to meet AML/CTF and Telco compliance.

    Our Alliances