Strong Customer Authentication is coming. Dominic White of Visa Ireland explains how businesses can prepare for the EU payments regulation
At Visa there was an almost 40% increase in e-commerce transactions in December 2020 compared with the previous year — a clear sign of how our shopping behaviour is changing.
With no signs of the online shopping trend slowing, it is more important than ever that it remains easy to buy and sell online, and equally important that businesses play a role in keeping their customers’ payments secure.
But some Irish online businesses are not ready for a new EU security regulation that, in making payments more secure, could make it harder for customers to pay at online checkouts.
Strong Customer Authentication (SCA) is part of a broader EU payments regulation known as PSD2 and aims to reduce fraud by adding an extra layer of security to online payments. It requires banks to check payments are being made by the correct cardholder by asking them for more proof of identity.
July 1 Deadline
SCA was introduced in Ireland in January 2021 but is being gradually implemented until the deadline on July 1. Your customers may have already noticed some changes to their checkout experience, and may have needed to provide additional verification of their identity when paying online.
Payments that don’t meet the requirements set out by SCA after July 1 may be declined by banks. To prevent disruption, online vendors should add a piece of technology to their checkout.
The technology is called 3D Secure (3DS). It scans payments as they come through to determine if they seem likely to be fraudulent and enables banks to verify the authenticity of the customer by asking them for more proof of their identity.
At Visa, we believe the best way to make sure your customers’ payments support the regulation is to add the latest version of this technology — EMV 3D Secure. This version gives banks more information on a payment and is also more suited for use on mobile phones and other smart devices.
If banks can verify the identity of their cardholder at checkout because you have implemented 3DS, your business could also benefit from liability protection in the unlikely event that fraud takes place.
How To Upgrade
Although the regulation may seem daunting, it is easy to upgrade your payments system to be ready for SCA.
The first thing you should do is contact your business bank or the company that provides your online checkout service and ask them to ‘switch on’ 3D Secure or the optimised version, EMV 3D Secure, to support the regulation. It is up to you to make the request as it won’t necessarily happen automatically.
It’s also worth noting that not every online payment will require SCA — there are certain cases where a payment might be exempt, such as low-value payments. Your business bank or gateway will be able to help you identify these exemptions so you can minimise the number of transactions that need SCA.
Our recent data shows that the uptake of the technology required to comply with SCA among large e-commerce businesses is currently c.77% for some form of 3D Secure, and 65% with EMV 3D Secure.
• Dominic White (pictured) is acting country manager with Visa Ireland