Voice of the Industry

The impact of PSD2 across the ecommerce industry

Friday 20 September 2019 08:36 CET | Editor: Melisande Mual | Voice of the industry

Michael Reitblat, the CEO of Forter, explains how ecommerce businesses can meet their specific needs while ensuring both security and optimal customer experience

Customer expectations for instant gratification are higher than ever, with demand for express checkout, on-demand delivery services, and freedom of choice regarding payments methods. To maximise customer satisfaction, businesses could find themselves compromising on safety protocols. Yet this perpetuates the intensifying security threat, resulting from the growing ease with which fraudsters can steal high-quality personal information. For instance, the maturation of the cryptocurrency market makes it easier than ever for fraudsters to trade this valuable personal information with each other.

In countries across the EU, as of September 2019, the Second Payment Services Directive (PSD2) will impose greater standards on how merchants enforce the security measures needed to safeguard consumer data from misuse. But this legislation is likely to have a significant impact on the consumer journey, affecting businesses’ revenue. This is largely because of the requirement for Strong Consumer Authentication (SCA), which will introduce additional friction to the consumer journey. Although the UK is a notable exception with the Financial Conduct Authority (FCA) delaying the implementation by 18 months, retailers should prepare for cross-border implications.

Individual business needs

Businesses from all consumer sectors will be affected by the consequences of PSD2 compliance – from travel, to luxury, to food delivery.

Travel merchants, for instance, need a frictionless transaction process due to the immediate demand for their products. In the case of flight bookings, processing delays can result in a customer paying higher fares or even losing out on their purchase entirely because tickets have sold out while the buyer is being verified. Online travel agencies (OTAs) must elicit trust from consumers due to their role as ‘third party’ vendors for airline tickets, accommodation, and activity bookings – providing instant confirmation for high-value purchases as reassurance the payment was a success.

For the luxury sector, accuracy is vital. Mistaking legitimate activity as fraudulent and denying a genuine customer equates to a high loss of revenue, because of the expensive price tag attached to luxury goods. This can also impact lifetime customer value (LTV), as a customer is likely to abandon a retailer for a competitor that delivers a better purchase experience.

For fast food delivery services, speed is essential, incentivising merchants to reduce lengthy security measures in a bid to maximise customer satisfaction. This has led to an increase in abuse for brands such as Deliveroo and JustEat, since minimal fraud detection allows cybercriminals to use attack methods like account takeovers (ATOs), where stolen login details are used to conduct seemingly legitimate purchases via compromised accounts. ATOs require more sophisticated means of detection, as it occurs early on in the consumer journey.


Meanwhile, large merchants need comprehensive omnichannel protection from fraud such as returns abuse, which increased 90% between 2017 and 2018, and policy abuse, which grew by a dramatic 170% over the same period. The increase in these attacks is a result of consumers’ ability to buy online and return in store, or claim items are undelivered to gain a refund while keeping the item. Currently, merchants face difficulties connecting offline and online activity, making these fraud methods particularly acute for retailers.

In light of this, merchants trading within the EU need to place PSD2 compliance front of mind when future-proofing their business – not only with respect to fraud prevention, but from a customer experience standpoint, too. Merchants should be mindful of the impact regulations will have on their consumers, for instance, increasing friction in their paths to purchase. Businesses should, therefore, take a proactive approach when selecting authentication processes, evaluating the challenges compliance will bring and implementing effective solutions that protect both the bottom line and the customer base.

Ensuring an optimal consumer experience

A seamless path to purchase is essential for retailers, and implementing a solution that allows for dynamic re-routing can enable merchants to deliver this. Utilising insights on fraud risk and consumer context, a dynamic re-routing solution directs customers along the path of least friction, identifying exemptions to SCA on an individual basis where applicable. By implementing a fully automated process, merchants can rely on real-time decisioning to ensure not only a smooth consumer journey, but also accurate detection of fraudulent activity.

Automated processes that leverage machine learning technologies can provide accurate authentication in fewer than 600 milliseconds, meaning that customers’ paths to purchase remain uninterrupted, maintaining brand loyalty. A solution that brings these tools together allows merchants to maximise customer satisfaction, through increasing speed and reducing friction.

Protecting against evolving fraud attacks

To maximise on security, merchants should look to end-to-end fraud solutions that build a holistic view of the consumer journey. By analysing the connections between devices and data points, and reviewing patterns to scale, these prevention systems enable greater visibility and insight. This increases the accuracy of fraud detection, particularly when applied to a networked system.

Networked, automated solutions offer a twofold benefit. They remove the necessity of manual reviews – and the resulting human error – and provide instant protection to all connected businesses. Simultaneous fraud attacks are rendered ineffective as a result of this instant immunisation. But machine learning alone isn’t sufficient, since rules are reactive. By adding insights from domain experts, machine learning technologies can keep pace with emerging fraud attack methods. These tools provide real-time analysis, identification, and prevention, which offer additional benefits to a global coalition of businesses.

PSD2 compliance requires a dynamic and innovative system that effectively balances the need for an optimal consumer experience without compromising security. The first step to effective compliance is merchants being aware of the consequences of PSD2 on their brand, consumer base, and bottom line. By implementing an anti-fraud system that utilises real-time, dynamic decisioning and machine learning technologies, merchants can ensure a smooth transition into PSD2 compliance.

About  Michael Reitblat

src=/images/michael-reitblat.jpgMichael is the Co-Founder and CEO of Forter, the leading payment fraud prevention solution. Prior to founding Forter, Michael was the VP Product & International Operations at Pango Parking where he was in charge of the deployment and adoption of Mobile Wallet technologies worldwide. In 2008, before its acquisition by PayPal, Michael led Product at Fraud Sciences, where he faced some of the most challenging questions in the cyber security ecosystem.

About Forter

vspace=2Forter is an ecommerce fraud prevention company, providing merchants with an end-to-end, identity-based solution that offers protection during the entire customer lifecycle. Forter protects customer trust and company revenue with exceptional accuracy, in-depth knowledge of customers, increased approvals, and near elimination of false positives for more sales and happier customers.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Forter, ecommerce, PSD2, SCA, customer experience
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime