What businesses need to know about PSD2.

Coming into force on the 14th September 2019, the Strong Customer Authentication (SCA) rules, part of the second Payment Service Directive (PSD2), are designed to improve fraud prevention methods and make online card payments safer for customers and merchants.

Businesses need to understand these changes and take appropriate action to ensure they are able to continue offering seamless payments to their customers. These new legislative changes are also an opportunity for businesses to consider how they can deliver a better customer experience throughout the checkout process.

What are the key changes?

The new Strong Customer Authentication (SCA) rules require firms to undertake two-factor authentication for the majority of transactions. For online payments, 3D Secure is a compliant method of achieving this and recent technological innovations mean that hundreds of data points can be analysed to authenticate transactions without the need for customer intervention. This helps reduce potential delays or friction in the checkout process and increase security and fraud protection.

As well as increased fraud protection, customers also benefit from new payment services being developed under Open Banking. This gives them greater control over their payment methods, enhanced by a simpler navigation and checkout process.

Although this is a piece of EU legislation, any business that takes payments from customers within the European Economic Area (EEA) will need to comply with PSD2 for those payments.

How is Valitor preparing for PSD2?

At Valitor, we’re continuing to monitor the potential impact of PSD2 on our services and make any necessary changes to our Card Payment Integrations, so our service continues to offer full visibility and compliance for all customer transactions.

Valitor is in the process of implementing 3DS v2.1 with scheme extensions to support additional information required as part of the transaction message.  This new version of the authentication protocol will be the main method for authenticating online card payments and meeting the new SCA requirements. This new version introduces a better user experience that will help minimise some of the friction that authentication adds into the checkout flow.

For merchants to be able to comply with SCA and have a frictionless customer experience. It is advised to have the latest 3DS capability to authenticate the transaction with providing added information.

In line with 3DS v2.1 and SCA requirements there will be some changes made to the Valitor API to include additional parameters such as card holder’s name being one on the payment page.  Although these will not be a mandatory fields, the more information provided to Valitor, such as card holder name, address email and phone number, the lower the chance of the end customer being required to provide additional information to authenticate the transaction. This should help streamline the customer experience at checkout and could help increase conversion rates. Once the ability to test these changes is live, a full update will be provided to customers.