Home » Cash & Liquidity Management » Cash & Liquidity Management in Europe
Strong customer authentication rules ‘may dent EU internet economy’
by Graham Buck
The European Union’s SCA (strong customer authentication) e-commerce regulation, due to be introduced this autumn, risks knocking up to €150 billion off the EU’s internet economy warns tech firm Stripe, which specialises in online payment processing for internet businesses.
SCA will be introduced across Europe on September 14. From this date, when a consumer purchases an item online that costs over €30, simply plugging their details once will no longer be enough. They will need to additionally confirm their identity via two-factor authentication, which will require a combination from PIN or password; biometric facial features or fingerprint; and/or personal item such as a password.
Writing for the smallbusiness.co.uk website, Stripe’s UK general manager, Iain McDougall warns: “In real terms…this means that from September more than 300 million ordinary European consumers will regularly have to change the way they buy online, introducing an extra layer of friction at the checkout for everyday transactions.
“SCA will mean all European shoppers will have to double authenticate all online payments over €30 – having profound implications for how businesses handle online transactions. It’s set to be big as the General Data Protection Regulation [GDPR], but no one knows about it.”
Pros and cons
McDougall notes that the regulation aims to protect European consumers from the growth in attempted online fraud. As European internet commerce is expected to grow to $1 trillion by 2022, online fraud grows with it: the European Central Bank (ECB) now estimates around €1.3 billion in online fraud occurs on European cards each year.
SCA is part of the EU revised Payments Services Directive, aka PSD2, that came into effect in January 2018, bringing in new laws aimed at improving consumer rights.
However, McDougall is worried that if not prepared for properly, SCA could heavily impact businesses of all sizes. “After September 14, non-compliant transactions will simply be declined by the cardholder’s bank. This, coupled with the additional friction caused by consumers’ having to doubly authenticate transactions, means there could be a significant negative impact on conversion.”
He notes that when similar regulation was enforced in India in 2014, some businesses reported an overnight conversion drop of over 25%. If the same were to occur in Europe’s €600 billion online economy, the continent would be facing a potential economic loss of €150bn.
At the same time, with the risk comes opportunity for firms looking for ways to stay ahead. “In the context of tighter rules, seamless checkout experiences and intelligent SCA exemption management will become a deep competitive advantage for internet businesses able to execute the change well,” suggests McDougall.
- This item appears in the following sections:
- Cash & Liquidity Management
- Cash & Liquidity Management in Europe
- Payments - Making
- Urgent/Instant mPayments
- Region
- Europe
- Regulation & Tax
- Risk Management
- Financial Risk Management
Also see
PSD2 and APIs = extraordinary speedy development and flexibility
APIs will change your life: PSD2 standards, BofA Merrill launch of API Gateway, TreasuryXpress, etc. all pushing use of APIs to deliver new service implementation in a few days
PSD2 and open banking: a shift in mindset and an opportunity
2018 is the year when new regulation ushers in a new era in terms of how we handle and think about data
PSD2: what should we expect on 13 January?
The short answer is 'not much'. While PSD2 could bring changes in the long-term (more competition, collaboration and innovation), in the short-term it's more of a transition than a big bang
NICE Actimize launches PSD2 fraud profiling tool
The cloud-based solution from NICE Actimize targets the PSD2 compliance deadline.
Treasury Leaders Summit 1: PSD2 is end of charging for MT940s
Roundtable discussion at TLS shows the desperate need for global API standards AND that PSD2 will at least ensure charging