Article

Embracing Change and Strong Customer Authentication

Resistance to change is a powerful human emotion. Whether it’s change in family life, a favorite app’s new user interface or a new process at work, people just don’t like change.

Multiply that discomfort out from the individual to the entire payments industry, and you’ll get a sense of how things are going as we run up to the implementation of the new EU Payment Service Directive, PSD2.

In June, news came out that the European Banking Authority had agreed to a limited extension on the September 14th deadline for compliance with Strong Customer Authentication (SCA) under PSD2. The EBA acknowledged that not all actors in the payments chain may be ready to go by that date, and they may work with payment service providers (PSPs) on a limited basis, so long as they had a migration plan in place.

This sent a sigh of relief throughout the payments industry, but it probably shouldn’t have. Because as much as humans are resistant to change, there’s still a lot of work to do to get compliant, and no one should be letting up on the gas just yet.

Here’s what merchants should be doing to get ready.

Know the requirements for Strong Customer Authentication

Don’t just assume that your PSP is on top of it when it comes to being PSD2 compliant. The payments industry may have a lot of moving parts you can’t control, but you can examine your own customer authentication protocols to ensure they’re up to speed.

To recap, SCA requires authentication to use at least two of the following three elements:

  • Something the customer knows (e.g. password or PIN)
  • Something the customer has (e.g. phone or hardware token)
  • Something the customer is (e.g. fingerprint or face recognition)

Learn more here: Are You Ready for Strong Customer Authentication?

Focus on customer experience

Meeting SCA requirements has the potential to add friction to the customer experience, which will be a problem especially for mid-sized merchants who rely on one-off or infrequent purchases.

In order to continue to offer easy, hassle-free purchasing while complying with SCA requirements, these merchants need to implement authentication processes that help them make confident decisions on customer identity as quickly as possible.

Educate your customers

Like everyone, consumers are also resistant to change. But they’ll be less reluctant to go along with SCA requirements if they understand why they’re being asked to do so.

Offering your customers the best experience once PSD2 goes into effect will require customer education on the part of merchants. Alert customers to upcoming changes well ahead of time through newsletters and social media. Include notifications in your customer service channels. Build educational elements into your transaction flows.

Stay up to date

The best way to ensure you’re on track to comply with the SCA requirements under PSD2 is to keep up with the news. The easiest way to do that is through the PSD2 Tracker, which Ekata produces with PYMNTS.com each month. In it, you’ll find all the latest news, stories, updates, and expert takes on how the payments industry is preparing for PSD2 implementation.

July’s PSD2 Tracker is available here.

Thanks for reading! You might be interested in these posts, too: