Strong Customer Authentication (SCA) and TPP access rules for e-commerce transactions are delayed by a further six months in the UK. Merchants and consumers get more time to prepare themselves for the significant changes. What are the options to make sure payment service providers can offer the best solutions before the new deadline?
What is the goal of the new rules?
UK's Financial Conduct Authority (FCA) intends to enhance the security of payments and limit fraud during the authentication process. In practice, this means that the payments process as a whole would be less prone to fraud. Now the FCA is introducing a new set of rules for Strong Customer Authentication (SCA) and TPP access which demand a two-step verification process for all online purchases, in line with 3DS2.1 and newer versions mandated by international payment networks, based on ‘step-up’ challenge authentication.
This means that one of the most important parts of the online customer journey, the checkout, might feel more complicated for customers. Merchants and payment service providers are facing the challenge of creating a new customer experience for e-commerce transactions.
Why is there a delay?
Merchants seem to struggle with the new rules because they may inflict on the customer experience. Implementing an 'extra step' can feel like too much hassle for a customer, and the customer can decide to leave the checkout procedure.
The FCA says in a statement: "This further 6-month extension is to ensure minimal disruption to merchants and consumers, and recognises ongoing challenges facing the industry to be ready by the previous 14 September 2021 deadline. The new 14 March 2022 deadline is the latest we expect full SCA compliance for e-commerce transactions."
The new rules presented by the FCA are based on the SCA rules from the European Banking Authority (EBA). Across Europe, SCA rules are enforced already, and the first results are interesting, to say the least.
Merchants in Spain and France have experienced, on average, a 25% reduction in conversion rates.
In Germany, merchants experience a decrease of 30% in conversion rates.
Merchants in Italy saw a loss of up to 40% of transactions.
Each month this costs millions of Euros, and it shows that good preparation for the new rules is significant. Major changes in the payment process are a struggle for many merchants. They have to be ready, and meanwhile, customers have to be prepared for an increase in friction at the checkout. The extra 6 months given by the FCA are more than welcome for merchants, banks and payment service providers.
Is there a different way to comply before the deadline?
Given the challenges faced with new regulations like SCA and TPP rules, there is clearly a need for top of the bill and flexible solutions. Payment platforms have not only to comply with all the (new) laws and rules from authorities; they have to offer a solution that has an excellent User Experience (UX) as well, through technologies like Out-Of-Band authentication and biometric readers on consumer devices.
Now, the question for payment service providers (PSPs) and banks is: to build or to buy?
Investing in a highly skilled development team that builds connectors and an innovative platform is costly and time-consuming. The same applies to ongoing changes like implementing a two-step verification process or new TPP access rules. But payment service providers can also choose to license payment gateway software to self-host or use a hosted version.
In order to build a PSP, investments have to be made not only in Technology but also in the Legal framework, Operations, Compliance, ongoing technology trends and a solid business plan. This includes a smart Go-to-Market Strategy. The SCA-cases in Spain, France, Germany, and Italy show that it can cost millions if these factors are not organised properly.
If building and managing a PSP from zero is too costly and time-consuming, the alternative would be to partner with an existing payment facilitator. Although this impacts OpEx, it has many advantages as it allows the PSP to focus on customer experience without spending time, costs, and overhead on other services. Partnering with a company that offers Software-as-a-Service (SaaS).
If you want to know more about these outsourcing options and different authentication solutions, please read the Guide Payment Service Providers On the Radar
Radar Payments is on a mission. Simply put, we are your radar in this crowded payment world. We enable you, payment service providers (PSPs), banks and acquirers and your customers to focus on growing your business, setting you up for a wider view and reach. While you take off, we keep your brand at the forefront, closer to your customers.