Skip to content

Signifyd Seamless SCA eases the way to PSD2 compliance



Join our mailing list

Signifyd regularly publishes free reports packed with business insights, commerce trends and data from our massive Commerce Network. We’ll only email when we have something meaningful to share, no more than once per week. And of course you can unsubscribe any time.

Signifyd’s Seamless SCA is the company’s latest innovation to help online retailers remove revenue-killing friction from consumer’s online buying experiences.

The new product is aimed at satisfying the stricter European security requirements that come with the rollout of PSD2 strong customer authentication regulation, or the second Payment Service Directive. The directive calls for online transactions in the European Economic Area to adhere to rigorous strong customer authentication standards that by their nature create the potential to add steps and frustration to online purchases.

Signifyd’s technology and business leaders realized that security and seamless customer experience aren’t mutually exclusive and set out to devise a way to meet the tougher standards without reverting to identity checks that frustrate shoppers and cause retailers to lose sales they’d otherwise make.

Building Customer-First SCA for PSD2 Compliance

Building Customer-First SCA for PSD2 Compliance

Turning to narrow exemptions and hard-to-manage allow lists isn’t a strategy when it comes to complying with the rigorous SCA requirements that come with PSD2 strong customer authentication in Europe. Instead, merchants should focus on delivering a great SCA experience. Signifyd VP of Operations and Corporate Development J. Bennett explains how retailers can turn SCA into a benefit for themselves and their customers in our Seamless SCA Webinar. Sign up today.

The result of those efforts is Seamless SCA payments, a clearly differentiated solution that is completely compatible with the EMV 3-D Secure 2 protocol. It addresses payment SCA head-on, rather than relying on loopholes and exemptions, which are neither wide-ranging nor predictable.

“Avoidance strategies, such as optimizing exemptions to bypass the need for SCA, are not a real solution. Delivering a great SCA experience is,” J. Bennett, Signifyd vice president of operations and corporate development, said in a news release announcing the product.

Bennett has explained that trying to avoid SCA through narrow exemptions based on transaction values, fraud risks and allow lists will cause administrative headaches for retailers and are unlikely to show the kind of return that is worth the time and resources required to keep track of it all.

Exemptions are not the answer to PSD2’s SCA requirements

The widely cited exemptions are only sometimes applicable to small value orders and ultimately depend on low fraud rates by acquiring and issuing banks. In the end, retailers have no control over either of those factors.

Instead of looking for loopholes, Signifyd relies on its machine-learning heritage to conduct dynamic fraud analysis of orders, as it has been offering along with a financial guarantee since 2014. It then passes the SCA decision down the 3D Secure rails to eliminate delays in approvals and maximize authorization rates.

PSD2 SCA solutions that come with it have caused considerable stress and some confusion among retailers in the European Economic Area (EEA). As recently as March, only 25% of online merchants in Europe were even aware of the SCA requirements that were coming their way, according to a Mastercard survey. Another 24% of those surveyed vowed not to support SCA, despite the mandate.

And while consumer awareness has not appeared to be widespread, reports already are surfacing that without innovative solutions, the new authorization requirements could cause widespread disruptions for online shoppers.

Britain’s The Sun reported last week as many as one-third of online orders could be blocked in the early going of PSD2 regulation because banks are not yet ready to follow the regulation’s requirements.

The Sun story cited figures from the British Retail Consortium and went on to say:

“Santander customers without a mobile won’t be able to use their bank cards for online shopping and many banks haven’t made alternative arrangements for customers with poor phone signal.

Email delays may mean that shoppers don’t receive the codes before the transaction has timed out and those relying on generated card readers will have to keep them on hand at all times.”

No doubt the slow adoption of the standards and lack of technological innovation from traditional players in the payments space played a role in the European Banking Authority announcement in June that while the requirements would become effective on Sept. 14, as initially planned, enforcement of the requirements could be delayed by Competent Authorities through the EEA to give retailers, card companies and payment companies more time to put effective solutions in place.

Some of the dread among retailers has stemmed from their experience with 3D Secure, which has required extra steps for consumers and led to cart abandonment. The Baymard Institute, in fact, found that 28 percent of consumers abandoned carts because checkout took too long or was too complex.

In a Signifyd consumer survey, 48 percent of respondents told polling firm Survata that they felt frustrated by checkout experiences that redirected them to another site mid-stream for authentication — a feature of 3D Secure.

Fortunately, as the European Banking Authority pointed out in its announcement, SCA and 3D Secure are not synonymous. In fact, on its own, the authority clarified, 3D Secure 2 doesn’t meet the new SCA requirements.

In particular, SCA requires that a shopper’s identity be confirmed through three key elements — something the shopper knows (like a password or PIN), something the shopper has (like a mobile device) and something a shopper is (demonstrated through biometrics or behavior). The idea being that if a fraudster breaches one of the three identifiers he or she hasn’t breached the other two.

Retailers can build friction-free SCA to ensure an excellent customer experience

Despite the anxiety and rocky start, adopting strong customer authentication will be a good thing for retailers and the customers they serve — as long as retailers can avoid adding more friction as they add more security.

The delay on strict enforcement will give retailers breathing room to put in place procedures that go beyond an attempted quick fix.

Signifyd can rely on its deep experience in transaction authentication, having for years used the three pillars of SCA — something the buyer has, something the buyer knows, something the buyer is — to sift fraudulent from legitimate orders.

Its Commerce Network of thousands of merchants selling in more than 100 countries provides vast amounts of data to feed its artificial-intelligence-driven solution, which makes obsolete the need to add disruptive steps to the buying process, such as requiring a PIN to complete a transaction.

The same data and AI powers Signifyd’s Guaranteed Fraud Protection and INR Protection, which makes merchants financially whole on approved orders for fraudulent transactions and consumer claims that packages did not arrive. The constantly learning machines also mean that Signifyd can automate the management of non-fraud chargebacks.

Together, the suite of products means Signifyd can help retailers realize the promise of fearless commerce, meaning they can concentrate on running their businesses and satisfying their customers while Signifyd tackles the challenge of fraud, customer abuse and the need to identify legitimate customers as prescribed by Europe’s new authentication regulations.

To see Seamless SCA™, Signifyd’s latest innovation in action, join us for the upcoming product launch webinar on Sept. 3, at 3 p.m. BST / 4 p.m. CEST.

Photo by Priscilla Du Preez on Unsplash

Mike Cassidy

Mike Cassidy

Mike is the head of storytelling at Signifyd. A former journalist and a retail geek, he covers ecommerce and the way technology is transforming digital commerce. Contact him at [email protected].