Solutions overview
Harness the power of your data to reduce fraud and increase payment acceptance
Tailor-made fraud protection
Detect and stop fraud faster with clear insights
Adaptive solutions for emerging threats
Defend against ATO, promo abuse and seller fraud
Optimize conversion with agnostic authentication
Manage PSD2 and take control of authentication
Online payment fraud
Understand chargebacks, fees & detection
Machine learning for fraud detection
Models, risk scores & thresholds
Link analysis & graph networks
Draw deeper insights from data
Account takeover fraud
Prevention strategies & reputational risk
Promotion & refund abuse
Uncover & stop hidden costs
PSD2 & SCA
3D Secure, TRA & exemptions
Global payment regulation map 2022
Track PSD2 & more with a full report
Resource Zone
Deep dives on fraud & payments topics
Blog
The latest fraud & payments updates
API & developer docs
APIs, glossary, guides, libraries and SDKs
About Ravelin
Discover the story about Ravelin
Careers
Join our dynamic team
Customers
Read more about our happy customers
Partners
Join our partner programme
Uncover & stop hidden abuse
Resource zone
Read more about our happy custmomers
Blog / News
The European Banking Authority aimed to level the playing field in payments with PSD2, but they’ve failed to do this - here’s why.
As we draw closer to the 14th September deadline for the Second Payments Services Directive (PSD2), change is in the air. Outside the payments industry at the start of the year, the noise around ‘PSD2’ was barely a whisper. Now, concern has leaked into the mainstream, with one UK politician calling PSD2 a ‘ticking time bomb’. We’re starting to notice the panic about what PSD2 will mean for the online economy.
PSD2 requires two-factor Strong Customer Authentication (SCA) on many payments over €30 from 14th September 2019. The European Banking Authority (EBA) has acknowledged that massive numbers of online merchants are not ready for this change. It’s almost as if there’s no way we could have predicted this would happen. After all, when’s the last time everyone ignored a huge sweeping digital change until the last minute with many failing to hit the deadline?
Unclear timelines and conditions
As the online industry won’t be ready for 14th September, the EBA has allowed for some wiggle room. They have specified that national regulators can allow ‘limited additional time’ for organizations to work towards an agreed migration plan.
Confusing consequences for online sellers
For merchants, a delay to PSD2 might seem like a good thing on the surface. However, the EBA’s lack of guidance has added even more confusion to an already complex situation. How long will the delay be? Are there specific industries which might be more or less prepared?
This is likely to result in wildly different approaches to payment authentication and authorisation across Europe for quite some time.
We expect that the migration plans will be around 18 months long, though some national regulators may proceed with no delay and others may push for a 3 year timetable.
Why the EBA has failed in delivering consistent payments across Europe
Post PSD2, when a merchant wants to process an online card payment they will have no idea about how the issuer will handle it. Will a Danish bank enforce SCA on every transaction? If it’s an Italian or a Spanish issuer, should you authenticate or authorise first? The decision of whether or not to use 3D Secure has become much more complex. There’s a much higher chance of payments getting declined through the sheer number of possible approaches.
Therefore, the EBA has totally failed in its attempt to level the playing field in Europe - at least in the short term. In this case, ‘the short term’ could end up being months or years.
How could the EBA have handled this better? Setting a Europe-wide transition period would have given merchants certainty over how issuers will manage payments. This has also been suggested by the European Association of Payment Service Providers of Merchants.
How should merchants manage this uncertainty?
European payments are about to become much more complicated. As a merchant, pre PSD2, the country and issuer of the cardholder were largely irrelevant. Now, the combination of SCA requirements, exemptions, issuer vetoes and now different regulatory approaches per country makes knowing how to process a payment much harder.
Keeping tabs on every country and issuer is a considerable undertaking and will be a huge challenge for merchants operating across Europe.
The important things to consider are:
This issuer intelligence is critical to how our payment authentication solutions help merchants route each payment to the path of least disruption and the best chance of acceptance - learn more here.
Martin Sweeney CEO
3 min read
More from Martin Sweeney
Share this article:
From 2020 to 2022, how has your online business changed? Let’s talk about how the pandemic continues to shape ecommerce two years on.
Grace Proctor, Content Writer
Appetite for ordering food on marketplace apps is still strong, as customers look for convenience and choice. But how are foodie fraud trends evolving?
Lola Omo-Ikerodah, Content Writer
Online marketplaces are exploding, but fast expansion always opens the door to fraud. Learn how to prevent fraud as your business grows with the industry pulse infographic…