PSD2 SCA regulations and TRA exemptions;
Balancing fraud prevention with UX;
Examples from physical goods merchants;
Fraudster tactics to bypass 3-D Secure authentication;
Best practices for implementing and optimising TRA exemptions.
TRA exemptions allow low-risk transactions to bypass SCA, thus reducing friction for customers. When correctly enforced, they can boost merchants’ revenue. Exemption eligibility depends on transaction value and the acquirer’s fraud rates, which vary between lower than 0.001% and lower than 0.13%. Lower fraud rates allow for higher value transactions (up to EUR 500) to be processed without requiring SCA.
Learning how to properly implement exemptions by leveraging AI can positively impact merchants’ business and help prevent fraud before routing to 3-D Secure (3DS). Simultaneously, it can help merchants focus on high-importance risk signals, accelerate approval rates, reduce cart abandonment, and enhance customer experience.
Fraudsters have become significantly more sophisticated by purchasing aged accounts to seem more trustworthy in the eyes of merchants. Through OTP (one-time-password) specifically created bots, they extracted one-time password from consumers by tricking unsuspecting customers into divulging their two-factor authentication codes.
The webinar also tackles the prevalence of fraud in the payments industry. Without a cohesive fraud prevention strategy, merchants risk damaging their reputation by sending fraudulent transactions through TRA. Thus, it is crucial to send clean traffic to acquirers to boost overall TRA exemption approvals.
At the same time, if fraud rates rise, merchants or acquirers may lose access to TRA exemptions, which can further lead to increased authentication measures and customer friction. Higher fraud rates can also lead to disputes, customer churn, and reputational damage.
PSD2 exemptions can be deployed for low-risk and low-value transactions, such as in the case of payments less than EUR 125 if the customer’s account password has not changed in the past 24 hours or if the IP location and the mailing address are on the same distance, within a 3 km radius. To pinpoint exemptions, merchants can use combined AI-powered risk scores with VIP lists and low-risk user behaviour.
Looking to step up your TRA exemptions game? Consider the following:
Understand your data and customer base;
Develop strong relationships with payment partners and acquirers;
Implement pre-authorisation fraud screening;
Deploy AI and ML models to accurately assess transaction risk;
Monitor and optimise your exemption strategy regularly.
As PSD3 regulations are currently under development, it is important to stay informed about potential refinements to SCA requirements, especially regarding the protection of vulnerable groups.
Irina is a Senior Editor at The Paypers, specialising in fraud and online payments. With a Ph.D. in Economics and a strong economic academic background, she observes developments in tech, innovation, and regulation, educating the audience about fraud prevention, chargebacks, scams, social engineering, digital identity, GenAI, and ecommerce.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now