About fraud and Strong Customer Authentication – old challenges, new patterns

Elena Emelyanova, Senior Payments and Fraud Manager at Wargaming, details the SCA’s challenges for the gaming industry, and the emerging patterns of fraud

Wargaming is an online game developer and publisher. Our games are free-to-play, and our business model is based on micro transactions. Moreover, the way our games are created doesn’t offer the possibility to do in-game fraud, because one may not resell the purchased item (once you bought it, it’s yours), and we do not do cash out.

The gaming industry, among others, is indeed facing a big challenge again this year, especially because the mandated implementation of Strong Customer Authentication (SCA) has been postponed from the last year and now we are impatiently looking forward to what will happen after the 31st of December 2020.

Why is SCA compliance still a challenge

3DS 2.0, the next generation of the current customer authentication protocol, should bring security and trust to ecommerce transactions, and naturally, remove or at least decrease fraud. That’s a great initiative especially taking into consideration the increasing global trend of ecommerce fraud. However, it seems it’s not that easy to implement it. In order to reach the goal, every stakeholder (merchant, PSP, or acquirer and issuer) needs to do their part respectively in order for the whole ecosystem to benefit from SCA.

Wargaming has been ready to support 3DS2 since last year, however, this doesn’t guarantee we will be protected from fraud after 31st of December. The inconsistency in readiness with SCA still remains, plus the lack of comprehensible statistics, predictions in conversion decrease, and a lot of open questions which still cannot be answered – that’s from one side. From the other side, the upcoming peak season with the highest sales (Black Friday, Christmas) = the highest potential fraud time.

Therefore, here are the main challenges Wargaming has been facing so far prior to the SCA deadline, which are also very common for each merchant looking to stay relevant and compliant on the market:

1. There is a lot of inconsistency in industry readiness. As a merchant, we are mostly interested in issuer readiness, after making sure, of course, that our acquirers are compliant. Unfortunately, despite of multiple EBA letters and each EU country national bank authorities’ notices – the overall readiness (I mean not just on paper) is far from being 100% complete. On the other hand, hearing questions from merchants like ‘which transactions are considered to be in scope?’ or ‘will SCA be mandatory only in EU as per new regulation?’ – just show that there is also a significant gap in merchants’ awareness and readiness.

2. Despite of the fact that we do have already transactions going via 3DS2 request – there is no clear and easy-to-reach analytics we can use in order to estimate the level of customers’ involvement, results, of issuers reaction etc. Neither our technical side, nor our acquirers are ready at the moment with supporting analytical side of the project.

3. Companies caring a lot about friction in the payment flow/customer payment journey are all preparing for conversion decrease. With the introduction of an extra step in the authentication process, that’s the logical estimation. Luckily, there will be exemptions, but, there is a huge BUT again. Exemptions are available only in 3DS2.2 version (which is mandatory to be implemented by the end of 2020), and can function only in case issuers are ready to support them.

4. A lot of open questions with no answers. Well, I believe we’ll need to learn from our own experience in 2021.

New fraud patterns at the horizon

In addition, a few words to add about the current situation with fraud. We do see new patterns emerging this year, absolutely new approaches, which literally means that fraudsters are always one step ahead. Or, at least, they try to. Thanks to the tools we are using and thanks to our payment partners we manage to identify them and prevent their future fraudulent activities. In 2021, the situation will not change much I believe, at least not in the first half-year period. SCA will not be fulfilling its function in full up until the whole industry is compliant and fine tunes all the processes related to it.

This editorial was published in the Fraud Prevention in Ecommerce Report 2020/2021, the go-to source in securing transactions while offering a frictionless customer journey.

About Elena Emelyanova

Elena Emelyanova is a Senior Payments and Fraud manager at Wargaming. While heading Acquiring team within Wargaming, she specialises in ecommerce acquiring and fraud protection globally, having a strong understanding of various markets throughout Europe, North/South America, Asia, and CIS. With the benefit of working at a mobile carrier company for 4 years before joining Wargaming team and a 4 years background of leading NA/LATAM payments team at Wargaming, Elena helps Wargaming to optimise the card payments and alternatives flows all over the world, as well as keeping the fraud level low. Her total experience in payments industry is of 8 years.

About Wargaming 

Wargaming is an award-winning online game developer and publisher headquartered in Nicosia, Cyprus. Operating since 1998, Wargaming has grown to become one of the leaders in the gaming industry with 4500+ employees and offices spread all over the world. Over 200 million players enjoy Wargaming’s titles across all major gaming platforms.