The revised Payment Services Directive (PSD2) goes into effect in many European countries on December 31st , triggering significant changes in the way payments are processed within the European Union (EU) and European Economic Area (EEA).
The most concerning aspect of the PSD2 pertains to the impact of Secure Customer Authentication (SCA) on eCommerce businesses.
Under the new directive, online transactions will require additional customer verification to secure the transaction. The purpose of this multi-factor authentication is to increase payment security, and the current way of doing that is to implement the 3D-Secure protocol (3DS).
Today, many online businesses believe that the only way to comply with PSD2 is to integrate 3DS; however, that is not quite true. While it is necessary to have a 3DS solution to comply with PSD2, merchants must ensure that broadly applying 3DS to transactions is not the approach they rely on, or they will risk losing out on revenue, reducing conversions and impacting overall profitability.
Download The Real Cost of 3DS Authentication.
The double-edged sword of 3DS
In theory, 3DS is an excellent tool for eCommerce brands; it is PSD2 compliant, ensures customer verification, and reduces the risk of fraudulent transactions by increasing security.
But 3DS negatively impacts the sales process by increasing customer friction and failure rates and reducing transaction authorization.
Why 3DS Transactions Fail:
- Transaction Failure: Technical errors often lead to transaction failure. This may result from a gateway error, PSP issue, the issuing bank not setting up 3DS processing, card scheme, or other problems.
- Customer Abandonment: Depending on the approach used, 10-30% of customers will abandon the checkout process during the 3DS multi-factor verification process due to the friction it causes. This customer-triggered event negatively impacts direct profitability as well as customer experience and loyalty rate.
- Authorization Decline: Authorisation declines can result from a fraudulent transaction, or a legitimate transaction that the bank deems to be high risk. This typically means that, while the customer has the available funds and is in fact who they say they are, the acquirer or issuing bank does not want to assume the liability. This will likely increase with PSD2 as the liability for chargebacks shifts to the issuing bank, making them more risk-averse when approving authorizations.
The impact of 3DS transaction failure
There are already many reasons why 3DS transactions fail – but what many merchants don’t realise, is that even when 3DS is successful, the transaction authorization can still be unsuccessful, resulting in a failed transaction. When this happens, both customers and eCommerce businesses suffer.
The overall impact of 3DS on conversion is roughly 25% across Europe, with some countries experiencing failure rates as high as 71%, as seen in France.
In Spain, 53% of transactions processed through 3DS could end up failing, in Italy, 33%, and in Germany, 43%. The only country to dip below double digits, and just barely, in the UK, where ‘only’ 9% of transactions processed via 3DS fail.
If only high-risk transactions were routed through 3DS processing, and other authentication methods were used, this would be problematic but manageable. However, with the new PSD2 regulations coming into effect come January 1st, 2021 in the EU, it is likely that many acquiring banks will process all transactions in Europe using 3DS; this makes 3DS failure rates potentially catastrophic.
Over 80% of the transactions that fail are the result of abandonment and issuer bank failure. This means that many of these failures could have been prevented.
Reducing risk while remaining PSD2 compliant
While merchants cannot avoid 3DS altogether, reducing the risk 3DS poses to their businesses is possible.
The first thing is to ensure that multiple processors are in place. Some payment processors keep all 3DS executions within their own ecosystem, creating a single point of failure. If the processor suffers from technical issues, all of a merchant’s transactions will fail.
There is another benefit to having multiple processors; each processor has its own set of rules and may uniformly approve or reject transactions based on industry, geography, or other parameters. Having various processors maximizes the chances of finding the right processor for each transaction, increasing overall approval rates and profitability.
However, minimizing friction and integrating dynamic payment methods is as important and effective for an eCommerce businesses’ bottom line as having multiple processors.
The importance of reducing friction
Customer experience is a crucial element of the eCommerce industry. Without the benefit of in-person interactions, online businesses must ensure that the user experience is frictionless and simple throughout every step of the way. While this commonly refers to the website’s visual appeal and flow throughout the site, the customer experience during the checkout process is just as critical.
This is especially important in today’s COVID-era, as more and more consumers turn to online shopping due to social distancing practices and lockdowns. New online shoppers, unaccustomed to digital friction, have a higher chance of abandoning the checkout process – especially if it is complex in their eyes. Not only will this impact their current purchase, but it may impact their future online shopping habits as well.
This is why eCommerce brands must ensure that the checkout process is as frictionless as possible. Any interaction that ‘does not feel right’ or does not work smoothly may cause short and long-term losses to a business. Declining a new customer’s first transaction means potentially declining the whole lifetime value of that customer – which could be 8x the value of the initial transaction.
In terms of payment, having a checkout process reduces touch points and makes it easy for consumers to complete their purchase without going through unnecessary steps.
Reducing friction with dynamic payment processing
To completely reduce friction to the bare minimum, it is necessary to integrate a dynamic payment method processing solution. Such a solution will enable fluctuating between SCA methods and increase the chances of a completed transaction both from the customers’ and merchants’ sides. This will also enable offering a payment processing method that the customer is most likely to complete.
For example, in Holland, consumers are more likely to complete a purchase using iDeal rather than a credit card with a 3DS challenge. Each country has unique criteria, and consumers in each country have their own online shopping habits that must be taken into consideration.
Providing each customer with the multi-factor verification option that best suits their purchasing habits ensures that PSD2 compliance is upheld, and that the customer checkout process is as frictionless as possible.
Solutions such as Forter’s dynamic 3DS takes into consideration the entire eCommerce payment ecosystem, specifically adapting the checkout process to the unique consumer profile. This enables routing low-risk customers through the path of least friction and high-risk ones through additional verification processes. Frictionless 3DS can increase authorization rates by 10% on average, with some countries, such as Spain, seeing increases as high as 20%.
Another key benefit to having alternative SCA solutions to comply with PSD2 is the ability to recover potentially lost transactions. With traditional 3DS, once a transaction is declined, there is nowhere to go from there. However, with dynamic 3DS, a declined transaction may be recovered throughout the process without the customer knowing. This further improves transaction approval rates for eCommerce brands and directly impacts profitability.
Now is the time to optimize payment processing
Businesses and merchants operating in the EU or EEA need to have a PSD2 compliant solution that works for them and helps maximize conversions and revenue generation.
Those that do not seek alternative payment processors and have a solution set in place will find themselves routing all transactions through 3DS. This will negatively impact the payment process for consumers and the approval ratio, ultimately harming profitability.
Preparing now for PSD2 will enable the incorporation of advanced payment optimization solutions with smart routing capabilities. Many countries and local issuers are not PSD2 ready. This is seen by the high stand-in rate for Visa and Mastercard that they have in place. Having high stand-ins indicates that issuers are not prepared for the additional verification PSD2 demands, and they will route all transactions through Visa and Mastercard 3DS.
Reducing transaction failures, increasing conversion ratio, and ensuring regulatory compliance is the role of the merchant. That is why eCommerce businesses need to examine their current 3DS solutions and find an optimization solution that offers a more sophisticated ways of identifying when and how to apply 3DS, how to route transactions, and adapt to customer behaviours and preferences in order to maximise the percentage of transactions that can be completed successfully.
Questions to ask your payment processing provider:
- Are you ready for PSD2 to go into effect on January 1st, 2021?
- Will all transactions be routed through 3DS?
- How will you handle exemptions and exclusions?
- How do you detect low risk transactions to process them with TRA exemptions?
- Do you have a mechanism in place to route failed exemption and exclusion requests to 3DS?
- What is your Visa/Mastercard stand-in rate?
- Do you offer dynamic 3DS based on user profiles?
To discuss these questions and others ahead of the PSD2 deadline, contact one of our payments experts at Forter today.
Subscribe to Forter’s fortnightly newsletter to receive updates on PSD2 insights and strategies.