SCA: Retailers Say Meh, But Customers Claim They’ll Abandon Online Purchases That Require 2FA
By Shagun Varshney, Senior Product Manager, Payment Solutions, Signifyd
On September 14, 2021, ecommerce retailers in the United Kingdom will finally have to operate under the Strong Customer Authentication (SCA) requirement of Payment Service Directive 2 (PSD2).
SCA requires online merchants to go through a rigorous two-factor identification (2FA) regimen before processing customers’ transactions. It’s a major change, and a big deal for both merchants and consumers. Big because it requires merchants to put the right SCA technology in place for their check-out systems. And big because it significantly changes the consumer experience.And not in a good way.
Indeed, in one recent Signifyd survey, nearly half (46%) of UK consumers find the current state of two-factor authentication frustrating enough that they are “somewhat” or “very likely” to give up on a transaction that requires it.
Yet Signifyd’s latest State of UK Commerce study found that only 12.8% of UK ecommerce retailers named SCA enforcement as their biggest worry for 2021.
Granted, ecommerce retailers have a lot on their plates in this almost-post-? Pre-post-?mid-? and certainly uncertain stage-of the COVID-19 pandemic. But they may be missing signs that a tsunami of lost revenues could sweep over them.
That’s because despite UK merchants’ sanguine attitudes towards SCA, the reality of how the regulation suppresses online transactions is making most online retailers in the European Economic Area (EEA) exceedingly unhappy. Sales have dramatically fallen in the parts of the EU where SCA is already being enforced. In February, 2021, the average decline or shopping cart abandonment was 31%.
The latest estimate for the annual transactions at risk across Europe because of SCA?€96 billion. That represents a lot of abandoned virtual shopping carts. And a lot of unhappy customers.
New concerns for a new era
As Signifyd’sState of UK Commerce 2021 report points out, as a direct result of COVID-19, consumers are shopping online more — and a significant number are doing so for the first time. UK merchants are both benefiting from this trend, and having to make rapid changes to supply chains, infrastructure, and employee roles to keep up with what the pandemic has wrought.
For example, the number of newbies to online shopping shot up by nearly a third (32.4%) in 2020 compared to 2019, according to Signifyd global data. In aggregate, these new online consumers spent a whopping 163% more online than their peers back in pre-COVID 2019.
Consumers who were already fans of ecommerce also dramatically increased their purchases in 2020. Together, both veterans and newbies were quite specific—and demanding—about the ways they expected retailers to give them what they wanted, when they wanted it, and where they wanted it. That led to investments in contactless payment systems, click-and-collect operations, and locker collection infrastructure.
When asked about their biggest challenges, a plurality of retailers (43%) named the continued effort required to deal with COVID-19. Fallout from Brexit came second (40%).
As we previously mentioned, SCA came way down on the list. But we wonder if retailers are wise to ignore it. Yes, the regulation was passed in the name of a good cause—to prevent fraud. But it will probably require more time and effort than they imagine to deal with the intricacies of complying with SCA.
The fraud conundrum
Businesses face a conundrum when taking action to prevent fraud. They must balance the risk of fulfilling fraudulent orders if they aren’t rigorous enough about authentication with alienating genuine customers – and losing revenue – if they are too rigorous.
It seems at first glance that perhaps SCA might be too exacting to meet consumers’ expectations of a good online experience.
Happily, technology exists to smooth out the checkout process for consumers even when meeting SCA requirements. For example, leading anti-fraud vendors offer SCA-specific solutions that are designed to prevent any deterioration of the customer experience when using 2FA to verify purchases are legitimate.
Keeping your TRA as low as possible
And of course, a leading anti-fraud solution provider will keep your TRA (transaction risk analysis) score low. And this alone might make most SCA challenges evaporate.
That’s because, if you can keep your fraud rate to .01% or less, most purchases that cost less than €500 are exempt from SCA. That’s right—exempt. You can even get breaks with higher fraud rates: achieve a fraud rate of less than .06% and purchases under €250 are exempt; less than .13% and purchases less than €100 don’t need 2FA. So you should be highly motivated to invest in an anti-fraud solution that will minimize your TRA.
Some leading fraud vendors will even guarantee that all purchases they give the green light to are legitimate—or they will eat the cost of the chargeback or lost goods. This not only saves you money, it saves your TRA from rising at a time when online retail fraud is accelerating.
In summary, solutions exist for dealing with the SCA watershed that’s coming up in September for UK merchants. Right now, there’s still time to plan and put the right technology solutions in place to avoid the kinds of revenue losses the rest of Europe has been experiencing. But a good first step is to first open your eyes, and—as self-help gurus like to say—acknowledge that you have a problem.