axerve_logo

Our Solutions

Unique and integrated solutions to manage payments in all shapes and forms in all online channels.

Payment Orchestra™New

Platform management integration for worldwide transactions.
Learn more

Ecommerce Solutions

Payment gateway to process online transactions.
Learn more
Learn
 / 
PSD2 and Strong Customer Authentication: the first data of 2021

PSD2 and Strong Customer Authentication: the first data of 2021

Published: 26 may 2021 • Reading time: 4 minutes

2020 was the year in which the online sales sector has witnessed a double-digit growth, in some sectors even a triple-digit growth, as highlighted in our article on changes in Italians’ consumer behaviour during the first lockdown. In turn, 2021 will be remembered for the implementation of the European PSD2 regulation, which has revolutionized the online shopping experience with the introduction of Strong Customer Authentication (SCA) or two-factor authentication.

Those who work in the E-commerce sector are well aware of how important the changes introduced by PSD2 are, as well as that one of its objectives is to increase the security of online payments, reducing the fraud risk and increasing the degree of security of the entire ecosystem. All to encourage those, who are still many in Italy, who still have hesitations about shopping on the internet.

The relationship between Strong Customer Authentication and conversion rate

The reasons behind the PSD2 are completely understandable and the European Union’s goals regarding it in the medium to long term, will certainly benefit the entire sector. It is equally true, however, that two-factor authentication, also called strong authentication, hides some pitfalls, both for merchants and buyers.

The application of the SCA is possible thanks to the 3DS 2.0 security protocols, which you can read about further in our article dedicated to the topic. The protocols in fact allow issuers to manage the strong authentication necessary to comply with the requirements of the legislation. It is apparent that this method of recognition, on the one hand, increases the payment security, effectively reducing the risk of fraud, but on the other hand, it increases the barriers to entry of the purchasing process, increasing the probability that the transaction will not be successful.

Even though the 3DS protocols already existed before the introduction of PSD2, (although back then it was an outdated version, pre-compliant with the new legislation), its implementation was optional for merchants and depended on the authorization of the acquirer, and many e-commerce businesses preferred to not use this security system for the benefit of a higher conversion rate.

The strong (two-factor) authentication of the first three months of 2021

From January 1, 2021, the SCA and, therefore, the implementation of the protocols 3DS 2.0 have become mandatory for all European online transactions, so today it is possible to lay out an indicative framework of its impact and evaluate the trend of authentications during the first quarter of the year.

According to the Mastercard’s research on cards grouped by the countries of issue during the period January 1 – March 5 2021, most European countries are experiencing a gradually increasing transaction authentication rate, often higher than 50% by several percentage points, with an average standing at 71.3% across the continent.

For example, Italy, which at the end of January had registered an authentication rate of 42.3%, positioning itself as the last country in Europe, in the first days of March improved its positioning, reaching 51.1% of the total authentications. Nevertheless, Italy stayed among the worst performing nations, slightly surpassing only Belgium (50.7%).

Italy also registered a figure on the implementation of frictionless authentication much lower than the European average (25.8%), reaching only 7.3% total. This data does not only lay out the framework of the Italian market in terms of application of the SCA but also explains why Italy currently loses about 43.9% of transactions with 3DS against an average of 25.3%.

Reasons for failed authentications in Italy

In order to intervene on the increase in authentication rates and therefore on the reduction of interrupted payments due to 3DS protocols, it is necessary to start from what may be the cause. According to Mastercard's analysis of the Transaction Reason Code, there are three macro-categories of motivations:

  • ACS timeout
    In January, over 60% of failed authentications could be traced back to the communication process with the ACS (Access Control Server, aka the infrastructure that authenticates the buyer), which fell to 53.9% in early March.
  • Card without 3DS2 protocols or Transaction not allowed
    At the beginning of the year, 25.6% of authentications failed due to credit cards which lacked 3DS2 protocols or because the authentication request was not accepted (e.g. lack of a phone number to send to the OTP in order to finalize the transaction), while at the beginning of March the figure rose to 28.4%.
  • Abandonment of authentication
    In this case, the buyer did not complete the authentication because he left. This reason concerned 10.5% of the total transactions in January and 14.3% in March and is mainly due to the user experience of the authentication process.

Axerve’s observation data

Some Axerve's calculations, out of a total of 180 BINs (Bank Identification Numbers) with at least 100 transactions in January, allow a comparison on the progress of conversions before and after the implementation of PSD2. The average conversion decreased slightly from 67.53% to 67.15% but what appears most evident is the distribution of the values ​​when comparing the standard deviations of the conversion rates for December 2020 and January 2021.

The comparison shows a deviation from the reference averages of the standard deviations: in the month of December the figure stood at 20.34% while in January it was 23.38%. Therefore, a greater dispersion of the conversion rate is noticeable, which is a clear indication that we are still in a very heterogeneous phase, in which the scenario shows a high dispersion presumably due to a first period of adjustment, from many points of view, which can vary from the user experience of the authentication process to the physiological increase in abandonment by the buyer.

We have seen how Strong Customer Authentication directly affects cart conversions and how the whole process needs to be improved, by adopting solutions that reduce its impact while maintaining a high level of security. This issue needs to be addressed soon, especially in a historical context such as the one we are experiencing. If you want to learn more about the topics we discussed in this article, you can download our free whitepaper "Strong Customer Authentication in 2021", in which you can find other interesting analyses and extra data on the scenario of the first quarter of the year.

Source
TagEcommerceSecurity

Join our newsletter