It’s been a busy year for regulators, retailers, and payment service providers as the industry prepared for the Revised Payment Directive, otherwise known as PSD2. This revised regulation aims to make electronic payments more secure for businesses and consumers.
In a nutshell, PSD2 is the revised directive of PSD1 which, was first introduced in 2009 and was designed to regulate payment services and payment service providers in the EU. But exponential growth in ecommerce along with technological advancements in the last decade required that the directive be updated to conform to changing consumer trends.
What’s the impact on consumers?
The directive is, first and foremost, still meant to enhance customer protection and security for online transactions. Fraud continues to be a growing problem for ecommerce transactions in large part due to the growth in ecommerce, the increased flow of money, and consumers’ widespread adoption of smartphones and mobile payments. According to the latest research on online payments and fraud, card-not-present accounts for 60-70% of all card fraud in developed countries.
As part of the regulation, businesses are now required to implement added layers of security to payment transactions, also known as Strong Customer Authentication (SCA). With SCA, consumers will be at the center of the transaction. Customers will be asked to perform additional steps or provide additional information before a transaction can successfully go through. Customers will be required to prove their identity with either inherence-based (fingerprint or voice), knowledge-based (pin or password), or possession-based (device) authentications.
According to a FICO survey, consumers have already started to express concerns about the various factors that could get in the way of successful authentication and completing their transactions. For example, when asked which factors could prevent someone from receiving a one-time passcode to their mobile device, responses include: “It would be too complicated,” “I have poor mobile coverage,” “I wouldn’t trust a passcode sent this way,” and “I might run out of battery,” among other reasons.
In the immediate term, the additional authentication step will introduce more friction and impact the shopping experience, but the long term upsides will far outweigh the inconvenience. For one, through SCA, banks can better identify a person as the cardholder, reducing fraud risk for both the customer and the merchant. As financial and technological entities get more sophisticated – and aligned – consumers will start to see a better user experience with features like single-sign-on functionality, allowing consumers to authenticate and purchase from all their devices.
Another major reform with PSD2 will be the move towards Open Banking, which allows third parties (such as new fintech services or apps) to be able to access customer information that was previously only accessible to the banks. Under this, the directive will promote healthier competition among financial institutions by leveling the playing field and ultimately gives consumers more control and choice of their financial service providers.
What can merchants do to help their customers?
Merchants should educate their customers and help them understand the reasons for additional authentication, including what’s changed and how this will add greater security to their payments. Additionally, merchants should walk customers through the various kinds of security layers they will soon see and offer tips on readiness, like device upgrades or software updates.
Merchants should also take this opportunity to remind customers of other ways they can expedite the checkout journey, such as saving card details or setting up new payment methods like Apple Pay or Google Pay that can speed up the process – tactics that can help offset the added authentication step. Giving shoppers the heads up will mitigate frustration and can prevent any surprises during the transition.
Have more questions? Get in touch with a Checkout.com payments expert today.