Solutions overview
Harness the power of your data to reduce fraud and increase payment acceptance
Tailor-made fraud protection
Detect and stop fraud faster with clear insights
Adaptive solutions for emerging threats
Defend against ATO, promo abuse and seller fraud
Optimize conversion with agnostic authentication
Manage PSD2 and take control of authentication
Online payment fraud
Understand chargebacks, fees & detection
Machine learning for fraud detection
Models, risk scores & thresholds
Link analysis & graph networks
Draw deeper insights from data
Account takeover fraud
Prevention strategies & reputational risk
Promotion & refund abuse
Uncover & stop hidden costs
PSD2 & SCA
3D Secure, TRA & exemptions
Global payment regulation map 2022
Track PSD2 & more with a full report
Resource Zone
Deep dives on fraud & payments topics
Blog
The latest fraud & payments updates
API & developer docs
APIs, glossary, guides, libraries and SDKs
About Ravelin
Discover the story about Ravelin
Careers
Join our dynamic team
Customers
Read more about our happy customers
Partners
Join our partner programme
Uncover & stop hidden abuse
Resource zone
Read more about our happy custmomers
Blog / Other
An overview of what PSD2 means for PSPs and new fraud rates.
This article was orginally published in The Paypers, which you can read here.
Like most of the payments industry we have been keeping a close eye on the fast-approaching PSD2 regulations and are working to determine the best way to support our clients, partners and fellow travellers through the upcoming changes - read more about this here.
We believe this means excellence in transaction risk analysis, the ability to exempt all relevant transactions, and the elegant support of SCA for those that cannot be exempted. Here’s how we think this will play out.
Although PSD2 is primarily a directive aimed at opening up banking and access to accounts, the impact that consumers will likely experience most initially is a significant increase in friction during the purchase journey. This is because PSD2 has pushed for SCA on every electronic transaction.
The Regulatory Technical Standards (RTS) for PSD2 were released in late February 2018. It is without question that we will see more SCA in the consumer world than we do today. Although the European Banking Authority (EBA) have rowed back from an initial position which would have seen it in on almost all transactions, it would be sensible to work from the assumption there will be SCA on many more transactions and prepare accordingly.
Merchants need to understand how their PSPs are going to elegantly support the presentation of SCA options to their customers. This is likely especially true of those merchants not using any SCA today.
Paragraph 21 of the European Banking Authority's response to industry concerns is a good jumping off point for what we shall discuss next:
21. [...] the EBA agrees with the view expressed by these respondents that a risk-based approach, including the ability to conduct detailed transaction-risk analysis and fraud monitoring, is essential to achieve the objective under PSD2 of reducing overall fraud.
Consequently the EBA arrived at the view that, in accordance with Article 98(2)(a) PSD2, an exemption based on such an analysis should be added in a new Article 16 RTS. The RTS also reiterate the importance of risk and fraud monitoring in general as a necessary complement to the principle of SCA laid out in PSD2 as stated in a new Article 2 RTS.
Essentially the principle has been agreed that merchants and their acquirers (we’ll call them PSPs for simplicity) that have low fraud rates should be able to seek exemptions from SCA. The table of exemptions is as follows:
Under PSD2 only an acquirer can request an exemption, therefore a PSP will be able to offer a significant competitive advantage to its merchants by exempting as many as possible of their transactions from 3DSecure (SCA for online card payments). The exemption has to be sought from and granted by the payer’s Issuing bank, who remains the ultimate arbiter in this, but the method through which to seek an exemption is well established.
The stringent Transaction Risk Analysis (TRA) thresholds will shine a bright light on the fraud detection competence of PSPs.
The outlook for higher risk merchants and their PSP acquirers
Clearly there will be a high risk of merchants that will simply have every transaction pushed through SCA. It will be incumbent on those PSPs to support this SCA as well as possible to mitigate abandonment and potential failed payments. Managing high risk transactions or companies in high risk sectors is nothing new for the industry; there are specialists and that will continue to be the case.
The outlook for low to medium risk merchants and their PSP acquirers
However the 0.13% exemption threshold is a high bar for the industry dealing with low to medium risk merchants, as are the reporting and auditing requirements of the EBA. The only way that we can see these rates being achieved and the auditors satisfied is through the wholesale adoption of machine learning by the PSP industry. This is certainly not the case today where the incentives to ruthlessly manage fraud risk has perhaps not been there.
There will certainly be a competitive advantage in offering SCA-exempt fraud levels; merchants will seek out these PSPs and demand that they deliver a frictionless experience.
An even better proposition for a PSP is to bring a SCA-exempt offering to the market and use their fraud detection prowess as a true differentiator in what may become a commodified market. This might require splitting the PSP business into low and high risk entities, but however it is achieved there is the prospect of significant competitive advantage for providing excellent acceptance rates with minimal SCA.
The question remains how to achieve these low rates under PSD2?
Ravelin already hits well below the threshold rates for our merchant clients. There is no question that for PSPs to do something similar will require the application of the same techniques that we use today. The good news is that Ravelin is now working with PSPs to bring this capability to their clients. Post-PSD2 the winners in payments will be those that can provide the frictionless experience that consumers demand. This means excellence in transaction risk analysis, the ability to exempt all relevant transactions, and the elegant support of SCA for those that cannot be exempted. That’s our vision. We’d love to talk to PSPs that share it.
To learn more about PSD2 and SCA visit our insights page.
Martin Sweeney CEO
4 min read
More from Martin Sweeney
Share this article:
Blog / News
From 2020 to 2022, how has your online business changed? Let’s talk about how the pandemic continues to shape ecommerce two years on.
Grace Proctor, Content Writer
Appetite for ordering food on marketplace apps is still strong, as customers look for convenience and choice. But how are foodie fraud trends evolving?
Lola Omo-Ikerodah, Content Writer
Online marketplaces are exploding, but fast expansion always opens the door to fraud. Learn how to prevent fraud as your business grows with the industry pulse infographic…