While many businesses have floundered during the pandemic, the regulatory response has created an environment for tech companies to flourish. Unsurprisingly, in a time of lockdown and restrictions, ecommerce has boomed. According to Adobe, online shopping in the United States achieved between four and six years’ worth of growth in just a couple of months in earlier 2020. April and May saw more online spend than the 2019 holiday season, by far the most important six or so weeks in American retail.
Experience tells us that once a customer successfully downloads and uses an ecommerce app, they are unlikely to return to their previous method of transacting. The convenience of using the app helps to convert the unsure and undecided.
Obstacles remain, however, and there is a high rate of transaction failure. To sustain growth, we need to understand and solve the challenges that lead to incomplete transactions. As pandemic restrictions are lifted and people can move more freely, their shopping options will increase, which means a higher rate of people than usual may shift back to previous transaction habits.
There is an urgency, therefore, to understand and solve ecommerce’s biggest obstacles.
User experience is key
An obvious but crucial point is the importance of user experience. The modern digital consumer expects sophisticated, slick, and safe user experiences, accessible anytime, anywhere, and on any device.
It seems, however, that many experiences are falling short. Consider these numbers from Ethoca:
nearly two-thirds of abandoned carts (65%) occur because of friction;
due to fraud controls, USD 146 billion in card-not-present purchases are declined each year;
yet of these transactions, more than half (52%) were not fraudulent.
An enhanced, elegant user experience, one that engages the customer and helps to solve any issues that arise during the transaction, is required. Several operators are currently working towards a solution, but as they tend to differ on their definition of the problem, routes vary.
All roads lead to Rome; some will get you there quicker
EMVCo, the global technical body that facilitates worldwide interoperability and acceptance of secure card payment transactions, along with the payment networks, champions three options:
By converting sensitive cardholder information into a unique digital identifier, this creates a token that can then be used instead of a card, which helps to protect the primary account numbers. A unique number is provided for each environment, and the card number is limited.
Should the token be fraudulently acquired, it can only be used for the intended recipient. Tokens can be issued either through an issuer wallet, a third-party wallet or a card-on-file.
3-D Secure
3-D Secure is an authentication vehicle, a messaging protocol that enables issuers to authenticate consumers during online shopping. It provides a layer of security that reduces fraudulent transactions, prevents unauthorised use of credit and debit cards online, and protects merchants from exposure to fraud-related chargebacks.
Click to Pay
A relatively recent rollout by EMVCo, card information is secured on the users’ profile who can then choose which card they want to use for the transaction as they would in a real-world situation, with no need to enter a password or card details. Click to Pay aims to offer a simple, seamless, and safe user experience that saves the customer time. The interface is standard across the web and mobile sites, apps, and devices.
Other operators and options include:
Payment Request API
The Web Payments Working Group (WPWG) consortium controls the standards of payments across the internet. With its Payment Request API, the WPWG aims to standardise communication across merchants, browsers, and payment methods by providing a single, stable, and consistent API for developers. Merchants can create a controlled and standardised checkout experience for all payment types, not just card payments.
FIDO with WebAuthn
Entersekt, along with Microsoft, Google, Amazon, and Facebook, belongs to the FIDO Alliance, which stands for Fast IDentity Online. We have long supported its drive to banish inconvenient and weak password-based security, and we expect to see a rapid surge in interest following a recent announcement by Apple that it will fully support the new FIDO2 authentication protocol too.
The way forward: cooperation and collaboration
The most significant potential lies in collaboration, and we see the beginning of alliances between groups, such as the relationship between the World Wide Web Consortium (W3C) and FIDO to enable WebAuthn. There is also a W3C, FIDO, and EMVCo working group that is currently discussing, allowing merchants to submit FIDO tokens.
However, while there is overlap, and operators are talking to each other about common ground, specifications remain quite varied. Banks and merchants may struggle to understand which options work well together and are best suited to their needs. It will require expert knowledge of the market, the various solutions, and the future of ecommerce, and it is best to work with a specialist.
This Expert Opinion was published in our Fraud Prevention in Ecommerce Report 2020/2021, the go-to source in securing transactions while offering a frictionless customer journey.
About Gerhard Oosthuizen
As CTO, Gerhard is responsible for accelerating strategic initiatives at Entersekt, driven by innovation as well as research and development. He has over 20 years’ experience in the software industry, developing and managing software across the globe.
About Entersekt
Entersekt is a leading provider of device identity and customer authentication solutions. Its multi-patented, regulatory compliant technology helps financial institutions and other enterprises to build trust and boost loyalty with secure, convenient, and engaging new digital experiences.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now