Strong Customer Authentication (SCA) was designed to improve authentication standards across Europe, and enable money to move quickly, while reassuring all parties that funds were going to their intended recipients. The rule officially took effect in September, and EU countries have begun helping merchants and consumers work toward compliance. The real authentication struggle lies with the region’s payment service providers (PSPs), however, which must craft solutions that both comply with the standard and ensure end customers’ experiences remain convenient, quick and satisfying.
SCA mandates authentication changes for nearly all of the region’s online payment processes. PSPs are in unique positions because they are responsible for verifying transactions, as well as determining whether certain purchases qualify for exemptions. Such responsibility comes with a price, though. Declining too many legitimate transactions could lead to a decrease in customer conversions for PSPs’ merchant clients, eventually affecting revenues for both parties. Adding authentication measures that are too varied or complex could lead to similar problems, as customers faced with unanticipated frictions could abandon their carts.
PSPs must, therefore, strike the right balance between authentication and seamlessness, while keeping up with how different European countries are tackling SCA compliance. They must also grapple with a general lack of awareness among both merchants and customers.
PSPs And The SCA Awareness Challenge
A recent study found that more than 76 percent of EU end customers are unaware of PSD2, spotlighting a significant problem for the PSPs and partner merchants tasked with providing smooth online shopping experiences. SCA applies to almost all transactions above €30 ($33 USD), and requires two-factor authentication (2FA) — such as biometric fingerprints and iris scans or text messages — to authenticate customers still expecting seamless purchases. Convenient options like one-click ordering are no longer possible under SCA, and frictions created by adding verification requirements could drive customers away.
There are ways to reduce those pain points, however. PSPs could implement risk scoring or analysis on each transaction, using available data to determine the likelihood of them being fraudulent or requiring additional authentication. Such methods could lessen cart abandonment, and shorten how long it takes consumers to make purchases, saving merchants money by facilitating successful conversions. 2FA will still likely be applied to more purchases than ever, especially those involving larger transactions or first-time customers.
The complexities PSPs face when building secure, satisfactory payment experiences for European customers do not end there, as countries’ approaches to implementing SCA requirements differ. Ireland and the U.K. have opted for 18-month integration extensions, for example, which gives PSPs more time to work with merchants and regulators to boost customers’ awareness of upcoming online shopping changes. Other countries are offering PSPs shorter deadlines, including Hungary, which gave retailers and payment providers 12 months to catch up.
Each country has put a unique twist on SCA, which means PSPs are now juggling fraud developments, individual regulatory concerns, protection needs, and unsuspecting consumers and retailers in each European market. The EBA is still requiring all providers to monitor online transactions for fraud under SCA, with the exception of several exemptions.
Marrying Satisfaction With Authentication
PSPs have time to become fully SCA-compliant, as regulators in many countries are still determining how the rule will be integrated into payments. However, it is clear that consumers have not become any fonder of online shopping frictions as payment speed increases and innovations multiply.
Furthermore, PSPs cannot avoid introducing some frictions into the online purchasing process, which is unfortunate, given that many European consumers are unaware that their authentication requirements will evolve. PSPs can work to make authentications as convenient and smooth as possible by grafting biometric or SMS tools directly into their experiences. Viewing seamless authentication measures as key to customer satisfaction will be critical for PSPs as SCA’s influence on digital payments in Europe grows.