Strong Customer Authentication (SCA)

So you wish you can just pull our you card and get it working on any or every website, right?

Well maybe your card is in the hands of a robber. Those that looks to scam your digital wallet and make your pay the price with a load of bills from high credit card runs.

We not have designed the SCA protocol that will has been in effect for the past 4 year in the European markets.

If you are a Digital Marketer, you’re likely to be aware that the Second Payments Services Directive (PSD2) came into effect on September 14th 2019, ushering in new security requirements for any business that accepts online card payments within the EU and EEA (European Economic Area).

A major element of the PSD2 is Strong Customer Authentication (SCA) and its full implementation has been put off until December 31st 2020. But it’s never too early to start preparing for SCA, as we will cover here.

When SCA comes into effect, it will mean that banks can begin declining card-not-present transactions (CNP) that do not satisfy at least two of the three core elements of Strong Customer Authentication. These are:

Why is this important for Digital Marketers? Well, a longer payment process involving passwords, pins or fingerprints adds unwanted friction to the online payment process. And as marketers we know all too well that adding additional steps to the conversion funnel is a sure-fire way to lower conversion rates. In 2014, India implemented similar payment security measures. The result was a 25% drop in conversions overnight. If this were to happen in Europe it could translate to close to €600bn being wiped off the online economy.

Why now?

SCA has been almost two years in the making and it is the EU’s effort to stem the ever-rising trend of card-not-present (CNP) fraud, which predominantly occurs in online shopping transactions. With European online commerce set to grow to €1tn by 2022, payment security must become more robust. Latest estimates from the ECB claim that each year €1.3bn is lost to card fraud. 

Who will be affected?

For CNP transactions over €30, Banks, merchants and payment processors will  have to implement two-factor authentication. Recurring payments will be exempt and customers can ‘whitelist’ businesses with their account provider so they don’t need to reauthenticate for every payment. With CNP fraud ten times that of in-store fraud, SCA regulation will be expected to bring down that ratio dramatically.

How should Digital and E-Commerce marketers prepare for SCA?

1. Ensure your analytics are set up to measure completion rates well before the implementation date. Establishing what your average conversion rate is will enable you to spot any drop off in conversions due to the added complication of verifying transactions. Knowing there’s an impact will help you get ready to take action.

2. Explore whether your payment service provider will qualify for SCA exemptions to minimise the impact of customer attrition related to payment friction. Under the new rules, exceptions may be allowed for businesses that can keep fraud levels below specified fraud reference rates. Transaction risk analysis tools can offer solutions that determine in real-time whether to wave through a transaction or apply SCA rules.

3.  Experience what your customers will experience. If you are processing card payments as a merchant, be sure to run tests to understand what the user journey looks like with the added security steps in place. Staying ahead of the game will give you time to update helpdesk guidelines, staff training, chatbots and triggered email to assist customers who have abandoned carts or had payments declined. 

Consider using the following resources to get dummy payment details to run tests on your check-out process:

• http://www.getcreditcardnumbers.com/ 
• https://docs.payments.service.gov.uk/testing_govuk_pay/#submit-a-test-transaction-using-mock-card-numbers 

4. Communicate. Appropriately. We can learn a thing or two from how companies communicated GDPR changes to end-users before May 2018 (and from those attempting to do so with the upcoming CCPA changes in the US). Don’t be tempted to overwhelm your customers with emails notifying them that they may face difficulty making payments. Do, however, plan which channels are appropriate and get your timing right. If you notice lower-than-average conversion rates in your analytics, ramp up social media messages offering customers tips on how to navigate the added security steps. If you realise page exits are increasing at a particular stage of the check-out funnel add a message or banner to the page.

5. Ensure that your site offers different payment choices. We all forget passphrases, lose data and even lose our phones from time to time. Ensure these mishaps don’t prevent customers from completing transactions by including alternative ways to pay.

• Adyen
• Amazon Pay
• Stripe
• PayPal
• WorldPay

While SCA measures may impact completion rates for purchases in the short term, consumers will soon adjust to the new standard of two-factor authentication for online card payments. Further down the road innovative ways of integrating two-factor authentication via biometrics and 3rd party payment providers will smoothen out the process to offer near-frictionless ways to guarantee compliance with the EU requirement for businesses.  

Increasing consumer trust in online payments by making it harder for fraudsters is a positive step.

Will you be prepared for SCA? Here is one useful site to keep an eye on for updates during 2020.

The original Article was taken from here: https://www.coursera.org/learn/digital-leadership-digital-strategy-execution/ungradedWidget/KJ4CU/5-things-you-need-to-know-about-sca