With only 12% of businesses citing a negative impact on payments performance due to Strong Customer Authentication, there's a shift in attitudes towards the regulation. Danilo Alves de Oliveira, Senior Manager, Customer Success at Checkout.com, outlines some considerations for businesses starting to look beyond compliance and thinking about how to capture the opportunities SCA presents
Strong Customer Authentication (SCA) aims to provide electronic payments with an extra security layer to reduce fraudulent transactions. Yet despite the good intentions of the regulations, businesses have rightly been concerned about what impact asking customers to identify themselves using something they own, know or are would have at the digital point of sale.
More precisely, would it lead to an increase in cart abandonment and revenue loss?
However, just over a year into the rollout of SCA, it seems this doomsday scenario hasn't come to pass. While some businesses have encountered challenges, only 12% of those we surveyed cite a negative impact from SCA. This statistic is encouraging. It also correlates with what we at Checkout.com see working with different businesses across Europe.
As a result, attitudes are changing to the regulation across the continent. Yes, there are still conversations about compliance, and businesses still face challenges. But we're also seeing an increase in businesses wanting to understand the opportunities SCA creates to rethink the customer journey, win trust, and gain protection from liability.
Taking advantage of the latest enhancements to 3DS2
Much of the initial concern around the impact of SCA stemmed from the experience of legacy authentication protocols created for consumers. These early protocols were not designed with smartphones in mind. They redirected customers to unoptimized pages that took an age to load and often crashed. And this often led customers to abandon their purchases.
This isn't the case anymore with the introduction of the 3DS2 protocols. These allow consumers to authenticate in multiple, intuitive ways, such as fingerprinting or facial recognition. Also, with the 3DS2 protocols sending more data points to issuing banks, there's more opportunity to apply better logic to assess the risk and authenticate transactions.
Is 3DS2 perfect? No. But the protocols are much better than what came before them. And they're constantly undergoing improvement. So our advice to businesses is to always upgrade to the latest 3DS protocols when available. This will ensure they're delivering the optimum experience to their customers when transactions require SCA.
The art and science of applying SCA exemptions
We find that those businesses who are successful navigating SCA are typically paying attention to the nuances of the regulation. More specifically, they understand that not every transaction requires SCA.
Some transactions are out of scope. Such as:
recurring transactions
installment transactions
credentials on file transactions.
transaction amount lower than EUR 30
transaction risk analysis (TRA).
Exemptions are the linchpin in the balance between keeping fraudulent transactions at bay and keeping the customer journey as frictionless as possible. So how businesses decide to apply exemptions varies depending on multiple factors. These include where it sells, what it sells, who it sells to and its risk tolerance. And, with 40% of ecommerce businesses citing fraud as their biggest concern in 2022, it's a critical discussion to have.
Using data to shape an SCA strategy
To inform discussion around exemptions, businesses need a deep understanding of their payment flows to build an optimal exemption strategy. And it's only possible to determine this with access to data.
Businesses need to know where their fraud is coming from — which countries, what transaction amounts, what time of day. And, it requires an understanding of why legitimate consumers are abandoning their purchase. Is it because of 3DS? Or is it because of the many other reasons that cart abandonment occurs?
Optimizing for SCA isn't a one-time project. Few businesses get it right the first time. And circumstances in our dynamic digital economy are frequently changing. Businesses must partner with their payment providers to find the proper role for authentication in the end-to-end customer experience. It's then a matter of monitoring the performance and making adjustments to strategies as and when required to meet objectives.
Download Checkout.com's new guide to learn more about how to shape your SCA strategy.
About Danilo Alves Oliveira
Danilo Alves de Oliveira is a Senior Manager in Checkout.com's Customer Success team. Danilo supports several of the biggest businesses in the UK and EEA to optimize their payments to thrive in the digital economy. Before joining Checkout.com, Danilo worked at Worldline Merchant Services and Caixa Econômica Federal. Danilo has an MBA from Rotterdam School of Management.
About Checkout.com
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now