Strong Customer Authentication under PSD2: Consumer Education Will Be Crucial to Success
The European Banking Authority (EBA) has finally provided the promised update on SCA supervisory flexibility timelines – with a new hard deadline for migration completion of December 31, 2020. According to the new guidelines, migration plans of PSPs – including the implementation and testing by merchants – should be completed by that date, otherwise all players could face serious penalties for non-compliance.
The new deadline is shorter than the transition periods previously provided by many designated national competent authorities (i.e. FCA in the UK, BaFIN in Germany), following guidance from EBA published in late June. That guidance allowed for a delay in the implementation of Strong Customer Authentication (SCA) over concerns that banks, PSPs and merchants were unprepared for the change, and an outcry from eCommerce merchants over a potential drop-off in customers.
Consumer education will be crucial for the success of SCA
We are seeing big differences in terms of the industry’s preparedness for SCA. Many large retailers such as John Lewis in the UK have already been rolling out SCA measures, whereas many of the smaller retailers still seem to be at the early planning stages.
For the roll-out of SCA to be a success, we still need to see coordinated industry action, especially when it comes to the education of consumers. We did a great job as a country when chip and pin was introduced, with a concerted effort led by the government to prepare consumers for its introduction. We must see a similar education campaign regarding SCA.
Are companies going to notice a drop-off in customers after SCA?
Customer drop-off will certainly be an issue for many eCommerce retailers. According to recent research by Go Cardless, 43 percent of UK consumers believe that ‘speed and ease of payment’ is the most important factor when paying for something online. And nearly half (45 percent) of UK shoppers said they would be frustrated with a favorite brand that introduced new security processes during online checkout. A separate study by Stripe predicts that European businesses could lose as much as €57 billion in economic activity in the year after SCA debuts.
However, I believe that a friction-free shopping experience is still possible, but perhaps not in the way we have known it to date. Because if everyone is aware of the new rules, and prepared for the next ‘authentication’ request, then why would we view these new steps as ‘friction’? If we educate consumers about the new measures and related benefits now, then it will become natural very quickly.
Who should be responsible for educating consumers – banks, retailers, regulators, or a combination?
If we want to ensure that SCA achieves its aim of reducing fraud without negatively impacting consumers’ shopping experience, then all parties need to work together in order to educate and prepare consumers. For banks and eCommerce retailers, this involves telling their customers that to maintain the level of convenience they want, they’ll need to be prepared for requests for additional authentication. They should also make it clear that these additional measures are designed to keep fraudsters at bay – being put in place for the benefit of the consumer.
Regulators should work together with governments to launch a public education campaign on the new laws. Education will be key to the success of SCA; it will help to limit the confusion consumers might feel about the new measures, which in turn could lead them to either be exploited by fraudsters, or put people off conducting eCommerce transactions.
How can firms minimize a decline in payments following SCA?
Whilst consumer education is key, it is also important that firms are ready for SCA from a technical perspective. This means making sure that they have the capabilities to enable their customers to authenticate themselves via two of the three required routes. For example, some organizations currently don’t have biometrics technology. So, if they choose ‘something you are’ as one of their authentication factors, they need to find the right solution to enable customers to do this.
Closely monitoring their fraud levels, and keeping them low, is also key as it will enable firms to apply for SCA exemptions for transactions up to a certain amount. Successfully doing this will help to provide a more seamless shopping experience for customers.
What do companies need to do to ensure their systems are ready for SCA?
3DS 2.0 goes some way towards SCA readiness – but it will not be the one element that will satisfy all circumstances. It comes back to education: Issuers will need to determine what is the best course of action to satisfy SCA for all their customers, and clearly educate cardholders about their chosen approach. If that means instructing cardholders to conduct eCommerce transactions via their smartphones, they will need to communicate this, and of course will need to tell them why. If they decide to go another route, they need to educate their cardholders what that route will be – to manage expectations and ensure transactions are not abandoned.
Want to achieve Strong Customer Authentication compliance while protecting and differentiating on the customer experience? Download our Five-Step Guide to Conquering SCA Compliance and thrive post PSD2.
Related Blog Posts
Taking a Holistic View of ISO 20022 Migration and Payments Modernization in the Pacific
Today’s payments modernization efforts, most notably real-time payments, not only work to satisfy changing consumer preferences and behaviors, they also serve to future-proof national economies throughout the world. But for real-time payments to deliver maximum value, consumers and financial institutions must be able to exchange meaningful and actionable information — hence the development of ISO 20022, a standard for electronic data interchange that facilitates the fast, standardized and secure exchange of financial messages across borders.
How ISO 20022 Represents Both a Challenge and an Opportunity for Southeast Asia’s Payments Landscape
Governments across Southeast Asia (SEA) are increasingly recognizing the vital role that payments play in the engines of their economies, which has resulted in a number of payments modernization initiatives such as those in Vietnam and Malaysia (PayNet). Yet there is one particular area in which SEA’s financial institutions might still be lagging behind their global counterparts: the adoption of ISO 20022, which has become the global standard for high-value payments and immediate payments (IP) when it comes to cross-border payments.
Ready or Not, The Time Is Now for Real-Time Payments
Research from ACI and GlobalData confirms that demand for real-time payments is only going in one direction: up. The root cause of this increasing demand is rising customer expectations and behaviors; clunky and opaque payment experiences are becoming less tolerable in a world where customers can buy, watch and listen to almost anything with a swipe, tap or click.
When It Comes to Payments, COVID-19 Crisis Could Lead to Long-Term Shifts in Consumer Behavior [Q&A]
ACI Worldwide and GlobalData recently launched Prime Time for Real-Time, a new global report tracking and analyzing real-time payments volumes, growth and dynamics across 30 global markets. According to the global research, an industry first, more than half a trillion real-time payments transactions will be processed over the next five years. I discussed what the findings mean, and how the COVID-19 pandemic might be a further catalyst for behavioral change, with ACI’s global head of real-time payments, Craig Ramsey.
TCH RTP and FedNow: What’s Next for U.S. Immediate Payments?
It has taken some time, but immediate payments (IP) are on the move in the United States. Although the speed of adoption has been slightly behind the curve of regions like India, the Nordics and the U.K., the U.S. has seen significant year-on-year IP growth of 69 percent.
Social, Mobile and Instant Payments: How Digital Payment Overlay Services Will Power Up P27
For some years now, the Nordics region has been a global-standard bearer for payments and financial services innovation. Sweden has for many years been a leader in the progressive move towards cashlessness, championing the range of efficiencies that it brings. Major payments innovators like Klarna, FundedByMe and iZettle are based in the region, rubber-stamping Stockholm as a genuine fintech hub. Analysts and insight leaders also regularly single the Nordics out as a genuine leader, in particular praising the collaboration between governments, regulators, financial institutions and businesses that has led to such fertile ground for financial modernization initiatives.
Women in Payments: Celebrating International Women’s Day 2020
International Women’s Day, celebrated on March 8, honors the social, economic, cultural and political achievements of women – including equality for all women.
To commemorate the occasion, we spoke with a few female leaders in the payments industry about what the day means both for them and for the wider payments industry. The comments and insights we received were nothing short of inspiring and encouraging.
Women in Payments: Student Perspectives on the Payments Industry (Part 1)
Last month, ACI’s Omaha office hosted six students from the University of Nebraska Omaha’s Information Technology department for a one-day event, showcasing ACI’s solution offerings and the company’s role in the global payments industry. The six students, all of whom were members of UNO’s Association for Computing Machinery-Women (ACM-W) chapter, had previously participated in one of ACI Omaha’s Coding for Girls Camps.
How to Meet ISO 20022 Migration Deadlines for Fedwire and SWIFT
Over the next decade, we will undoubtedly see huge shifts in how financial institutions throughout North America transact, whether domestically or across international borders. This will be driven not just by changing technologies, but also by regulatory events – such as the widespread adoption of financial messaging standards like ISO 20022.
How Can European Banks Meet the ISO 20022 Migration Deadlines for TARGET2 and SWIFT?
First published in 2004 – and already broadly used in some quarters – ISO 20022 is rapidly set to become the de facto standard for financial messaging around the world, replacing MT messages.