Contact us

To help us direct you question to the best team to provide an answer please select which option best descibes you.

  • I would like to speak to someone about setting up a new account
    Next
  • I'm an existing customer and need help with my account
    Next
  • I’m looking to integrate payments to my software platform or application
    Next
  • I’m a member of the media
    Next

Strong Customer Authentication: what happens next?

Sep 10, 2019

Since the implementation of PSD2, this week's Strong Customer Authentication deadline has been penned into the diary of the payments industry. But now an 18 month delay has been announced in the UK.


Simon Chandramani, VP of Sales, Card Processing, Paysafe, Europe, explains  why a delay to the SCA implementation deadline was nececessary, and how merchants should be thinking about implementation of 3DS2 between now and March 2021.

With half of EU member states implementing a transition period for SCA, do you expect others to now follow suit?

Yes, we would expect other EU member states to follow suit. It's clear that across Europe the ecosystem is not ready for SCA whether that be customers, merchants, issuers or even acquirers. The world of eCommerce is not limited to national borders so to ensure a fully functioning payments world we need regulators to act in lock step.

Is it a good or a bad thing that these periods have had to be put into place by NCAs?

While any delay is never ideal, the reality is that no extension could have been very problematic for the online retail industry. The value of card transactions that would have been blanket declined for not being SCA compliant on September 15 could have potentially run into billions of pounds, so it is a relief that the FCA and other national authorities have taken a pragmatic approach to implementing SCA and are listening to the needs of the market.

Have you seen a real need for this transition period from the industry?

Absolutely. Customers are rightly very sensitive to the possibility of fraud and could be alarmed at the presentation of the new journeys required as part of PSD2, leading to cart abandonment. Couple that with the fact that so few customers have valid mobile numbers registered at their bank - a key component of SCA - it’s clear that a huge education piece is required to prepare customers and the market for the incoming changes.

Equally there is work to do from a merchant perspective. A large number of our merchants are already using 3DS v1 which means that they are compliant with the new rules, however there is a huge opportunity to move to an improved mobile optimised experience that leverages exemptions when using 3DS v2. This may seem like a small thing, but we’re likely to see a dramatic increase in the number of transactions which require a step up in authentication post 14th September. How this is managed then becomes key to ensuring now degradation of services while leveraging the positive fraud management aspects with the new 3DS service.

Does having half the continent delaying and the other half not (so far) make anything difficult when having to deal with client requests?

Currently there’s a lack of clarity as to which banks will take advantage of the delay in SCA enforcement, but also at a market level as to which regulators will offer the delay. As such, to avoid declines we are advocating to our merchants that they maintain the 14th September deadline so as to accommodate issuers and regulators who choose not to extend the deadline and ensure authentication rates are not affected.

How will this impact the end customers, especially when trying to transaction cross-border?

If you have customer whose card is issued in a country that has chosen not to extend the deadline and the customer tries to transact with a merchant who does not have 3DS there is a greater chance that their transaction will be declined by their bank.  This in itself is a poor experience but from a customer perspective they're unlikely to know why their transaction has failed and why with one merchant it is OK and others it isn't.

If you could hazard a guess as to how readiness for SCA might progress under the transitions, when do you think everything will be compliant without the need for exemption?

In the UK the FCA has been very clear that there will not be another extension to the deadline. Issuers, acquirers and merchants will have to be ready by the end of the 18 month extension or face blanket card declines. With the phased implementation approach that is being adopted, the industry will need to show that it is progressing throughout the extension period. It will not be acceptable to fall behind adoption checkpoints, either intentionally for strategic advantage or unintentionally. Our opinion and the opinion of issuers we speak to is that, regardless of the extension, it is still preferable to implement 3DS2 and become SCA compliant as soon as possible, so we would expect to see strong levels of compliance ahead of the deadline.

Last month Paysafe recorded a panel discussion with Mastercard and New Day discussing the implementation of 3DS2 and the impact of a delay to Strong Customer Authentication. Click here to watch the video.

Recommended Articles

Why Black Friday will be a catalyst to re-thinking the online checkout

Nov 30, 2020 - The UK is heading into Black Friday and Cyber Monday weekend with all non-essential stores closed, meaning that consumers will need to search online for holiday season deals. How these shoppers pay, and who they choose to buy from, could re-shape the eCommerce checkout for UK retailers permanently.

  • Danny Chazonoff, Chief Operating Officer
  • Four minutes
Read more

The UK is heading into Black Friday and Cyber Monday weekend with all non-essential stores closed, meaning that consumers will need to search online for holiday season deals. How these shoppers pay, and who they choose to buy from, could re-shape the eCommerce checkout for UK retailers permanently.

Read more
Do merchants have anything to fear from 3DS 2.0?

Mar 25, 2019 - The new industry standard for authorising card payments to comply with Strong Customer Authentication requirements is going to have a significant impact on merchants. So should they be concerned?

  • Four minutes
Read more

The new industry standard for authorising card payments to comply with Strong Customer Authentication requirements is going to have a significant impact on merchants. So should they be concerned?

Read more
Could online cash solutions solve card decline issues?

Sep 24, 2019 - Abandoned transactions are a serious concern for online businesses. But if a consumer was prompted to pay with cash when their card wasn't accepted, could the adverse effect of declines be removed?

  • Robert Albrecht, Head of New Business, Paysafecash
  • Five minutes
Read more

Abandoned transactions are a serious concern for online businesses. But if a consumer was prompted to pay with cash when their card wasn't accepted, could the adverse effect of declines be removed?

Read more