Turns out EEA Issuer systems and Merchants were simply not prepared for the initial implementation date of September 14, 2019, and EBA eventually announced a final Europe-wide deadline for strong customer authentication of 31 December 2020. The VISA mandate for Issuer sign up of 3D 2.1 is March 2020.
EEA countries are slowly starting to implement these updates to their system, including the new SCA (Stronger Customer Authentication) guidelines, with the exemptions parameters…
1. Low Value Transactions
Transactions under €30 may be exempt from SCA> However, SCA is still required if the exemption is applied more than 5 times OR if the sum of payment is > €100 since the last exemption on the card.
2. Low Risk Transactions
Transactions assessed as low risk through Transaction Risk Analysis (TRA) and where the dollar value of the transaction and the Payment Service Provider (PSP) fraud rate are both below certain set thresholds.
3. Trusted Beneficiary
When a customer has added a business to a whitelist with their issuing bank
4. Recurring Transactions
Recurring transactions of the same amount to the same business; SCA is still required on the first transaction
There are concerns with how these new rules and scoring parameters will impact transaction approvals for eCommerce businesses and we recommend Merchants start monitoring activity and take actions. EU region experts such as Ravelin, suggest Merchants immediately begin to…
● Adjust risk thresholds to achieve a consistently low fraud rate to apply for exemptions.
● Upgrade to the best possible version of 3D Secure.
● Check that your out-of-scope transactions are flagged correctly to avoid making customers authenticate when they don’t need to.
● Make sure your risk analysis complies with the EBA’s Transaction Risk Analysis requirements.
● Start collecting data on issuer behavior around authentication ahead of the final deadline.
Even though non EEA Acquirers/Merchants are supposed to be exempt, also known as one leg out transactions, some are suggesting Issuers may not have the logic in place to identify these types of situations, particularly in the short term after the regulation goes into effect. We recommend all Merchants prepare for this and begin implementing strong customer authentication, using a combination of 3D 2.1 and 1.0 risk based approach. This means that the 3D vendor use cascading and bypassing to minimize checkout friction. 3D secure will not only help to decrease fraud and chargebacks, but can also save in interchange costs.
Contact us to learn more and let us help you implement this successfully.