Forward-thinking retailers should see PSD2’s tougher security requirements as a rare opportunity to seize a competitive edge by building a state-of-the-art payment experience for customers, a new independent research firm analysis concludes.
The report by Forrester Research, titled “Retailers, Use PSD2 to Drive Differentiation for Your Customers,” Jan. 17, 2020, freely acknowledges the challenges and potential damage to conversions the new rules bring. For instance, retailers, payment providers and others have criticized Strong Customer Authentication (SCA), for adding friction to the checkout process.
But with enforcement of new rules now only months, not years, away, Forrester Research analysts are telling European merchants that there is plenty of upside to doing PSD2 right. And while the report doesn’t mention it, COVID-19 might actually play a role in making PSD2’s requirements more palatable to the consumers who will confront them every day.
- Though PSD2’s SCA requirements have been talked about mostly as a customer-experience killer, the new regulation actually provides an opportunity for retailers to build a killer customer experience, according to a new independent research firm analysis.
- PSD2 allows retailers to take complete charge of their payment stacks, meaning more control over experience and fewer expenses in some cases.
- New technology solutions — like Signifyd’s Seamless SCA — have made the future of payment regulation in Europe look a lot brighter.
It is speculation at this point, but the world has been turned upside down. Citizens of Europe and the world have spent weeks, if not longer, sheltering at home and following rules that would have seemed absurd six months ago: keeping two meters apart, wearing masks in public, waiting one’s turn to enter a store.
Why shouldn’t the way we conduct transactions change, too?
Besides, if done properly, instituting PSD2’s SCA will improve customers’ shopping experience. A quick review: PSD2 is the regulation that took effect in the European Economic Area last September. Its enforcement was delayed as retailers, consumers and banks all seemed unready to launch all that was necessary to make the new rules practical.
PSD2 requires strong customer authentication
Among other things, the regulation required that customers conducting online transactions be authenticated by two out of three methods — something the consumer knows, something the consumer has and something the consumer is. (For instance, password, mobile device digital identification, a fingerprint.) The idea was to make transactions safer for consumers and to make fraudulent transactions more difficult.
Merchants and payment processors initially howled, complaining that having to take extra steps at checkout would lead to devastating cart abandonment. But with enforcement of the regulation paused, innovative solutions, including one developed by Signifyd, have been gaining prominence in the conversation. With new technological solutions, the prospects no longer seem as dire.
And the Forrester Research report points out several ways that PSD2 can make retailers’ lives better.
“However, if implemented well, change need not be disruptive and aspects of the regulation can unlock new opportunity, innovation, and potential cost savings for retailers and their customers,” the report says.
While SCA has been a key focus of discussions around PSD2, there is much more to the regulation. It includes a move toward “open banking,” which empowers consumers to see, in one place, their full financial profile and easily compare terms, fees and interest earned on multiple accounts, loans and investments. The model makes a whole new kind of commerce possible, which the Forrester Research report expounds on.
“PSD2 also provides an opportunity to optimize payment acceptance, migrating customers to payment options that are cheaper for retailers,” the Forrester Research report explains. “Retailers can even go so far as to become payment initiators themselves and take more direct control of their payment stack.”
The new regulation, enforcement of which is scheduled to begin Dec. 31, allows for a new kind of payment entity, called a payment initiation service provider (PISP). A PISP is allowed, with a consumer’s permission, to use a bank’s infrastructure to request payments directly from a shopper’s bank account. And under the new framework, a retailer can become a PISP.
PSD2 gives retailers an opportunity to improve customer experience
Retailers will also be able to use consumer data and account information to build better experiences and products for customers.
“The upheaval to customer authentication as a result of compliance with PSD2 gives retailers the opportunity to redesign process and use payment as an anchor for the customer experience,” the Forrester Research report says
Click to Tweet
While there is plenty of upside for merchants who deftly deploy strategies to make life better for themselves and their customers, that doesn’t mean the regulation’s challenges go away. Forrester Research has some advice for tackling those as well.
First, like any regulations, PSD2 and it’s SCA requirement come with exceptions. The rules allow for exemptions for certain low-risk transactions, provided that the merchant’s fraud rate falls below reference rates set by the European Union. For instance, mobile orders under €30 or a contactless, point-of-sale order under €50 can be exempt — though no more than five in a row are exempted from SCA. Subscriptions initiated by consumers and also be exempt, as long as the recurring payment is to the same merchant and for the same amount.
Consumers can also whitelist a merchant — in other words agree that SCA is not required for a transaction with that merchant. That said, it is up to the bank whether an exception will be accepted.
All of which means retailers will need to continue to accept credit cards. And for those orders that aren’t eligible for exemption, they will need to make sure they have an SCA solution in place that will meet the regulation without damaging the customer experience.
It was with that in mind that Signifyd developed the first 3-D Secure version 2.2 SCA solution to receive all of the merchant domain EMVCo certifications.
Signifyd Seamless SCA is a machine-learning-based solution that first automatically identifies transactions eligible for exemption and directs them down a friction-free path to payment, providing a smooth transaction experience and maximum conversion rates.
For transactions requiring strong customer authentication, Seamless SCA conducts dynamic fraud analysis for online retailers, then passes the SCA decision down the 3D Secure rails to eliminate delays in approval, minimize customer friction and maximize authorization rates.
The system has the added advantage of shifting all liability away from the merchant, onto the issuing bank in the case of 3D-Secure-authorized transactions, or onto the SCA provider for any transaction that would require a step-up or be declined.
There are a number of other steps merchants can take to ensure that they are ready to seize the upside of PSD2. The Forrester Research report provides guidance on analyzing the composition of online orders, optimizing checkout, preparing consumers for the PSD2 world and improving the customer experience.
The enforcement of new PSD2 and SCA regulations no doubt represents a big change. But times of change are often the perfect time to reconsider not only how to meet the change at hand, but how to think differently — and how to set the enterprise up for the next, inevitable change.
Photo by Getty Images
We can help you navigate PSD2 and SCA.