Nov 4, 2019
This Member Spotlight article was written by DMI member Vince Howard. It's yours to play for, so if you want to get in the digital marketing game and make an impact Submit your Own Piece for publication in our Community Insights!
If you are a Digital Marketer, you're likely to be aware that the Second Payments Services Directive (PSD2) came into effect on September 14th 2019, ushering in new security requirements for any business that accepts online card payments within the EU and EEA (European Economic Area).
A major element of the PSD2 is Strong Customer Authentication (SCA) and its full implementation has been put off until December 31st 2020. But it’s never too early to start preparing for SCA, as we will cover here.
When SCA comes into effect, it will mean that banks can begin declining card-not-present transactions (CNP) that do not satisfy at least two of the three core elements of Strong Customer Authentication. These are:
Why is this important for Digital Marketers? Well, a longer payment process involving passwords, pins or fingerprints adds unwanted friction to the online payment process. And as marketers we know all too well that adding additional steps to the conversion funnel is a sure-fire way to lower conversion rates. In 2014, India implemented similar payment security measures. The result was a 25% drop in conversions overnight. If this were to happen in Europe it could translate to close to €600bn being wiped off the online economy.
SCA has been almost two years in the making and it is the EU's effort to stem the ever-rising trend of card-not-present (CNP) fraud, which predominantly occurs in online shopping transactions. With European online commerce set to grow to €1tn by 2022, payment security must become more robust. Latest estimates from the ECB claim that each year €1.3bn is lost to card fraud.
For CNP transactions over €30, Banks, merchants and payment processors will have to implement two-factor authentication. Recurring payments will be exempt and customers can ‘whitelist’ businesses with their account provider so they don't need to reauthenticate for every payment. With CNP fraud ten times that of in-store fraud, SCA regulation will be expected to bring down that ratio dramatically.
1. Ensure your analytics are set up to measure completion rates well before the implementation date. Establishing what your average conversion rate is will enable you to spot any drop off in conversions due to the added complication of verifying transactions. Knowing there's an impact will help you get ready to take action.
2. Explore whether your payment service provider will qualify for SCA exemptions to minimise the impact of customer attrition related to payment friction. Under the new rules, exceptions may be allowed for businesses that can keep fraud levels below specified fraud reference rates. Transaction risk analysis tools can offer solutions that determine in real-time whether to wave through a transaction or apply SCA rules.
3. Experience what your customers will experience. If you are processing card payments as a merchant, be sure to run tests to understand what the user journey looks like with the added security steps in place. Staying ahead of the game will give you time to update helpdesk guidelines, staff training, chatbots and triggered email to assist customers who have abandoned carts or had payments declined.
Consider using the following resources to get dummy payment details to run tests on your check-out process:
4. Communicate. Appropriately. We can learn a thing or two from how companies communicated GDPR changes to end-users before May 2018 (and from those attempting to do so with the upcoming CCPA changes in the US). Don't be tempted to overwhelm your customers with emails notifying them that they may face difficulty making payments. Do, however, plan which channels are appropriate and get your timing right. If you notice lower-than-average conversion rates in your analytics, ramp up social media messages offering customers tips on how to navigate the added security steps. If you realise page exits are increasing at a particular stage of the check-out funnel add a message or banner to the page.
5. Ensure that your site offers different payment choices. We all forget passphrases, lose data and even lose our phones from time to time. Ensure these mishaps don't prevent customers from completing transactions by including alternative ways to pay.
While SCA measures may impact completion rates for purchases in the short term, consumers will soon adjust to the new standard of two-factor authentication for online card payments. Further down the road innovative ways of integrating two-factor authentication via biometrics and 3rd party payment providers will smoothen out the process to offer near-frictionless ways to guarantee compliance with the EU requirement for businesses.
Increasing consumer trust in online payments by making it harder for fraudsters is a positive step.
Will you be prepared for SCA? Here is one useful site to keep an eye on for updates during 2020.