Many people fret over security in online transactions. It’s nothing to fret about. On the contrary, as online payment frauds increase the need for stronger authentication is something both businesses and consumers should demand.
Between 2011-2016 in Europe, the European Central Bank (ECB) has recorded a 66% increase in online payment fraud. Today, online fraud makes up 73% of fraud in Europe and this is steadily rising.
The European Union has been actively engaged in enhancing the safety of all checkout flows for both customers and businesses in the region.
To this end, three years ago, on 14 September 2019, the new Strong Customer Authentication (SCA) requirement for payments came into force, to reduce fraud and make online transactions more secure across the entire European Economic Area.
A lot of businesses have already complied with the regulation, some are on their way (like in the UK where SCA comes into force in September 2021), and some are still thinking about it. So, let’s see what this all means for your business.
What is strong customer authentication?
Strong customer authentication (SCA) is the new requirement under the Payment Services Directive (PSD2) intended to further protect consumers, enhance the security of payments and limit fraud. The directive requires that all electronic payments are made using multi-factor authentication, in order to confirm cardholder identity and increase transaction security.
To that end, all “customer-initiated” online payments and contactless offline payments within Europe, are required to adhere to the Strong Customer Authentication directive. That means that most card payments and all bank transfers require SCA. However, recurring direct debits are considered “merchant-initiated” and don’t require strong authentication.
Therefore, a number of companies that fall under the above criteria and do business in the European Economic Area have been obliged to build an additional authentication process into their checkout flow.
According to the directive payment service providers have to use strong customer authentication when a payer:
a. accesses their payment account online
b. commences an electronic payment transaction
c. completes any action through a remote channel which can lead to a potential payment fraud or other abuse.
Εlements of Strong Customer Authentication
The new directive sets specific requirements for authenticating online payments within the European Economic Area. Every time a customer performs an electronic transaction, strong customer authentication is made available using a multi-factor authentication process. If the authentication sequence matches two out of three distinct requirements, the payment is considered successful. If not, then the transaction is rejected.
These three requirements are as follows:
- Knowledge – something only the customer knows, like a PIN or a password.
- Possession – something only the customer has, like a mobile device or a smart card.
- Inherence – something only the customer is, like a fingerprint or facial scan.
Concerns and Benefits of SCA
With SCA regulations placing a burden on businesses, many are concerned about preparing the technical requirements and facing the consequences of the changes in terms of customer experience.
In terms of the technical requirements, one of the main concerns businesses have had is regarding the incorporation of things like biometric authentication into the payment cycle. In terms of customer experience, businesses have feared that any friction added to the customer experience could result in cart abandonment, impacting sales, revenues, and customer retention.
According to statistics 26% of shoppers have abandoned their cart mid-purchase because the checkout process was too long or complicated, and 57% of shoppers will abandon a website if they experience a delay in loading time (3 seconds or longer). It is therefore understandable that many companies were nervous about increasing the complexity and impacting the speed of the checkout process, even in the interest of improving security.
Yet, the benefits of adopting SCA seem to have outweighed the concerns.
Innovation and Customer Acquisition
With a simple SCA process, the customer can be taken from being interested in your service or products to completing a payment in only a few minutes, shortening in this way the sales funnel. Using new services becomes easier – such as top-up and pre-paid credit cards, special offers, and more – as all these services require SCA to be set-up and used.
Increase in consumer security
Emphasis in market-wide compliance
When it comes to biometric technology, there is also the added benefit of convenience. Unlocking a device by fingerprint or face scan is quick and does not require the entry of numbers or letters, reducing the probability of last-minute purchase cancellations, when the customer is confronted with impractical passwords. It doesn’t come as a surprise that conversion rates increase with biometrics.
How can WayMore help with Strong Customer Authentication?
Create a seamless ecommerce and banking experience that has the power to forge brand loyalty and trust. WayMore can help your online business carry out the authentication requirements using advanced Multi-Factor Authentication for both your European and global campaigns.
WayMore can help your online business carry out the authentication requirements using advanced MFA for both your European and global campaigns.
As a next-gen cloud-based solution, WayMore seamlessly integrates with your existing security systems, providing a simple, user-friendly streamlined login experience for every user and every application.