August 16, 2019

The last several years have been busy for merchants conducting business across Europe. Between the General Data Protection Regulations (GDPR) that went into effect in May 2018, and the newly revised Payment Services Directives (PSD2), European payment and data security regulations have been driving the conversation around e-commerce and the digital payment industries. 

The latest news out of the UK is an update to the implementation of one of the most important pieces of legislation affecting the financial and retail sectors - the UK’s Financial Conduct Authority (FCA) has confirmed an 18-month delay to the introduction of Secure Customer Authentication (SCA) requirements.

For Those of Us That Haven’t Been Paying Attention...

SCA intends to better protect online customer data and to reduce online transactional fraud. Under SCA requirements, merchants need supplemental authentication from their customers for transactions in the European Economic Area (EEA), in order for them to be approved. The new rules require customers to authenticate their identities using two of the following three methods:

  • Knowledge - Something only the unique user would know (e.g. password)
  • Possession - Something to which only the user has access (e.g. mobile phone)
  • Inherence - Something the user “is” (e.g. fingerprint)

Regardless of the fact that the UK has delayed the implementation of these requirements (in an effort to allow merchants to more amply prepare), all merchants outside of the UK will still be expected to be ready to comply with the original implementation date of 14 September 2019. This will likely cause discrepancies in the handling of data and authentication processes, leading to added friction and poor customer experience for many merchants. 

Fraud Waits for No Regulation

Perhaps an even more important consideration is the fact that fraudsters are not waiting around for SCA to go into effect before they strike. E-commerce fraud rates show no signs of abating and opportunistic fraudsters are looking for new methods by which to exploit retailers' platforms. In the UK alone, overall CNP fraud increased to £506.4 million in 2018; a rise of 24% when compared to 2017, and criminals have stolen more than £1.2 billion through fraud scams in 2018. Thanks in part to the frequency of data breaches, fraudsters also have more access than ever before to the personal details and data of millions of individuals across the globe. Armed with this information, fraudsters are able and more likely to commit ATO attacks, having discovered that leveraging an individuals’ account holds more value (and can do more damage) than simple transactional fraud. Forter has seen ATO attacks remain persistent and high, increasing by 45% by the end of 2018 compared to the beginning of 2017. 

How Can Merchants in the UK and Europe Prepare?

Merchants will need to consider how much business they stand to lose over the next 18 months from leveraging a sub-optimal approach to fraud management and maintaining the status quo, and the revenue they could recapture if they instead leveraged a best-in-class approach. In contrast, merchants who have proactively implemented a strategy in consideration of PSD2 and SCA requirements stand to greatly benefit from their efforts as these regulations are enforced. 

In partnership with Forter, online retailers can integrate Forter’s PSD2 Solution for Merchants, thereby streamlining PSD2 compliance requirements and ensuring that transactions needing to undergo SCA, will be dynamically routed accordingly. Forter automatically evaluates the risk of each transaction and routes it through the path of least possible friction. Merchants will be able to protect their approval rates (and revenue), reduce drop-off rates, and minimize fraud – all through a single integrated platform.

What's the Bottom Line?

Fraudsters are not pausing their attacks in anticipation for SCA requirements of PSD2 to go into effect, so why wait to partner with a PSD2-ready fraud prevention platform?

Reach out to us at info@forter.com for more details about how Forter’s PSD2 Solution for Merchants can help your business.

 

Compliance GDPR Customer Experience Regulations

Sign up for blog updates