With SCA Deadline Looming – What Happens Next?

2022 Calendar

Organisations with an online presence need to be sure they are ready for full Strong Customer Authentication (SCA) compliance for e-commerce transactions.

From 14 March 2022 any merchant that fails to comply with the requirements could be subject to Financial Conduct Authority (FCA) fines and risk customer purchases being declined.

Since the deadline was extended, the FCA has been encouraging e-commerce merchants to work with card issuers to implement SCA. There is a risk that if an e-commerce transaction doesn’t meet the SCA requirements, it could be declined by the card issuer/bank. The result of high numbers of declined transactions could increase costs and complaints, reduce customer confidence and lead to possible reputational damage (as well as the FCA fines).

Protecting merchants and customers from fraud

SCA is a positive change and protects both the merchant and the customer.  If a customer pays online for goods using an SCA process, but later claims it was a fraudulent transaction they will have to prove that the transaction wasn’t made by them. In the past a fraudulent transaction meant the merchant had to refund the money and incurred chargeback costs before any investigation into the transaction’s legitimacy had begun.  Encoded’s Fraud Prevention Platform (FPP) is a new payment solution to speed-up fraud checks and ensure more transactions are processed successfully.

What are the costs of implementing SCA?

Implementing a 3DS2 (3D Secure 2.0) enrolment check API and reacting to the outcome before each authentication is something most merchants don’t want to deal with. They have to get an authorisation code from the card issuer/bank to proceed with the transaction. These secure checks can be costly and complex, requiring expert resources to manage and implement.

An alternative way is to work with an established payment services provider (PSP) like Encoded, which means the transaction process and administration is managed by the PSP from start to finish.  The merchant captures the customer transaction and the PSP carries out all the secure checks required by the acquirer to verify the card with the card issuer behind the scenes. With checks authorised, the PSP issues a secure link that takes the customer through the online process to complete the transaction.

Contact centre mail order, telephone order (MOTO) payments and fraud

While MOTO payments are out of the scope of SCA contact centres can benefit from similar extra fraud checks to reduce declined payments.  Cards can be declined for many reasons including insufficient funds, a change in usage patterns or the bank suspecting fraud for another reason.  Every time a card is declined there is a cost associated with it as both the Acquirer and the Gateway require payment.  By implementing a fraud prevention platform in association with an agent assisted telephone payment helps to reduce the time and costs while increasing the number of successful transactions.  Encoded’s Fraud Prevention Platform streamlines verification checks and allows the agent to send a secure link (via email or text) to the customer for authentication.

Once the customer acknowledges the link, the transaction is verified and becomes the equivalent of a secure ecommerce payment from a trusted device, enabling 3D secure validation and a higher degree of successful completion.  It provides an easy, secure way to reduce the number of potentially fraudulent transactions in contact centres.

Choosing the right payment service provider for contact centre and ecommerce payments have never been more intrinsic to the future success of your business.   Now is the time to start thinking about how to protect your business from fraudulent transactions and comply with the new regulations.

About the Author

Rob Crutchington is Director of Encoded.

Rob Crutchington MD EncodedEncoded is a leading Payment Service Provider and pioneer of new and innovative secure payment solutions for contact centres.  Encoded offers a range of card payment solutions designed to help organisations comply with PCI DSS, GDPR and the newly introduced Payment Services Directive (PSD2).

Encoded’s solutions are trusted by many of the world’s leading brands including Samsung, Mercedes-Benz, BMW and Virgin, as well as a host of UK utility companies such as Green Star Energy and Severn Trent Water.  Solutions include:  Agent Assisted Card Payments, E-Commerce Payments, IVR Payments, Mobile Apps, PayByLink Mobile Payments and Encoded Gateway Services.  For further information please visit www.encoded.co.uk

Leave a Comment