Strong customer authentication rules ‘may dent EU internet economy’

The European Union’s SCA (strong customer authentication) e-commerce regulation, due to be introduced this autumn, risks knocking up to €150 billion off the EU’s internet economy warns tech firm Stripe, which specialises in online payment processing for internet businesses.

SCA will be introduced across Europe on September 14. From this date, when a consumer purchases an item online that costs over €30, simply plugging their details once will no longer be enough. They will need to additionally confirm their identity via two-factor authentication, which will require a combination from PIN or password; biometric facial features or fingerprint; and/or personal item such as a password.

Writing for the smallbusiness.co.uk website, Stripe’s UK general manager, Iain McDougall warns: “In real terms…this means that from September more than 300 million ordinary European consumers will regularly have to change the way they buy online, introducing an extra layer of friction at the checkout for everyday transactions.

“SCA will mean all European shoppers will have to double authenticate all online payments over €30 – having profound implications for how businesses handle online transactions. It’s set to be big as the General Data Protection Regulation [GDPR], but no one knows about it.”

Pros and cons

McDougall notes that the regulation aims to protect European consumers from the growth in attempted online fraud. As European internet commerce is expected to grow to $1 trillion by 2022, online fraud grows with it: the European Central Bank (ECB) now estimates around €1.3 billion in online fraud occurs on European cards each year.

SCA is part of the EU revised Payments Services Directive, aka PSD2, that came into effect in January 2018, bringing in new laws aimed at improving consumer rights.

However, McDougall is worried that if not prepared for properly, SCA could heavily impact businesses of all sizes. “After September 14, non-compliant transactions will simply be declined by the cardholder’s bank. This, coupled with the additional friction caused by consumers’ having to doubly authenticate transactions, means there could be a significant negative impact on conversion.”

He notes that when similar regulation was enforced in India in 2014, some businesses reported an overnight conversion drop of over 25%. If the same were to occur in Europe’s €600 billion online economy, the continent would be facing a potential economic loss of €150bn.

At the same time, with the risk comes opportunity for firms looking for ways to stay ahead. “In the context of tighter rules, seamless checkout experiences and intelligent SCA exemption management will become a deep competitive advantage for internet businesses able to execute the change well,” suggests McDougall.