What is PSD2 and how can your business prepare for it?

PSD2 is the second of two Payment Services Directives from the European Commission. PSD2 updates the EU rules set out in the Payment Services Directive adopted in 2007 (PSD), which provided the legal foundation for an EU single market for payments. PSD2, aims to give consumers greater choice and better protection when making payments online. It also seeks to open up payment markets to new entrants and specifies how financial institutions should monitor and prevent fraud for remote commerce.

One of the major components of PSD2 is SCA- Strong Customer Authentication. In simple terms, SCA is a 2 factor authentication for making online payments. This aims to reduce online fraud for both customers and merchants. How is SCA applied? SCA is enforced using 3D Secure. This is an additional security layer that requires customer authentication from the customer's bank provider whose card is applied when purchasing online. 3D Secure is already popular within the ecommerce space, however it will become even more prominent with the introduction of PSD2.

SCA authentication will require at least two out of the following three factors:

a) Knowledge – Something only the user knows (e.g., passcode or PIN);
b) Possession – Something only the user possesses (e.g., mobile phone or token);
c) Inherence – Something the user is (e.g., fingerprint, facial, iris or eye vein).

SCA is required when the payer initiates an electronic payment transaction, however some exceptions are valid. These include:

- Payments up to €30 (to a maximum of 5 transactions in a row)

- Transaction Risk Analysis- Your Payment Services Provider (PSP) can determine the risk level of transactions. PSP’s that show low rates of fraud can possibly avoid using SCA.

- Recurring transactions/ subscriptions- e.g gym membership

- Trusted beneficiaries

- Mail Order/ Telephone Order

- Merchant Initiated Transactions- these are payments made by the merchant on behalf of the customer. For instance, phone companies are common users of this.

Overall, PSD2 legislation can be seen as a positive to ecommerce for both customers and retailers as numerous benefits will arise such as:

1) Friction-free customer experience

2) Increased protection from fraud/chargebacks

3) Less declines/ cart abandonment

4) Customer confidence and loyalty

The European Banking Authority has set the FINAL DEADLINE to 31ST DECEMBER 2020 for implementation of (SCA) for e-commerce card-based payment transactions. Furthermore , online merchants have until this new deadline to migrate to a SCA ready payment solution in order to be compliant. Additionally, it is equally important to inform customers of the oncoming changes to payment processing.