Last year, it was projected that online businesses lost US$48 billion globally due to payment fraud, up from US$41 billion in 2022. As eCommerce continues to grow as a revenue generating avenue, it becomes paramount for merchants to implement robust and compliant security measures to safeguard their customer’s sensitive information and help manage chargebacks. SCA, 3DS2 and PSD2 all aim to reduce fraud for online payments.
In this article, we’ll cover what SCA is used for, the difference between SCA and 3DS2, 3DS2 payment regulations and where 3DS is mandatory, among other things.
The difference between PSD2, 3DS2 and SCA
What does PSD2 cover?
The European Union’s PSD2 stands for Payment Service Directive 2, which is a directive that aims to regulate the industry of online payments across the EEA, UK and Monaco. The main difference between PSD1 and PSD2 is that the latter introduced Strong Customer Authentication (SCA), a measure set to enhance secure payments and reduce fraud. To comply with SCA and PSD2, the best option for merchants is to implement 3DS2.
What is SCA used for?
SCA refers to Strong Customer Authentication and forms part of PSD2. In a nutshell, it requires payments to be authenticated using two or more criteria from a specific set of categories; something a person knows, something a person has or something a person is. Specifically, eCommerce transactions must be SCA compliant if the card issuer and acquirer are in the EEA, UK and/or Monaco. However, there are also certain exemptions to PSD2 and SCA payments like corporate transactions and low-amount transactions.
What is 3DS2?
3DS2 stands for three-domain secure 2 and is the most common authentication protocol used to satisfy SCA, which as previously mentioned is mandatory for online payments processed in the EEA, UK and Monaco. The three domains are the acquirer domain (the merchant and the acquiring bank to which the money is paid), the issuer domain (the bank that issued the cardholder’s card) and the interoperability domain (the infrastructure used by the card scheme to enforce the 3DS protocol such as the internet, Merchant Plugin and/or access control server).
Benefits of PSD2, 3DS2 and SCA
PSD2, 3D Secure 2 and SCA offer multiple benefits for merchants and consumers such as:
- Improved fraud protection and chargeback management – they are an effective way of protecting customers against fraud, while helping to reduce your business’ chargebacks. Additionally, 3DS2 shifts some of the chargeback liability from the merchant to the issuer, which means the merchant won’t be liable for any chargebacks for fraudulent payments that have been authenticated via 3DS2. However, the merchant will be liable for non-fraud related chargebacks such as services not rendered and merchandise not being as described.
- Minimised friction – they facilitate frictionless payment flows by using familiar authentication protocols like a fingerprint scan or one-time password to verify online transactions. By securely streamlining this process, customers are less likely to abandon their carts and it can improve conversion rates for merchants.
Safeguard your business’ transactions with emerchantpay
emerchantpay is a leading global payment service provider for online, in-app and in-store payments. Our PCI Level 1 compliant payments solution is available through a simple integration, offering a wealth of features, including global acquiring, alternative payment methods, fraud and risk management and performance optimisation. We enable businesses everywhere to create a seamless and engaging payments experience for consumers anywhere. We can help your business seamlessly accept payments with 3DS2, while adhering to PSD2 and SCA requirements. Plus, you’ll have access to your very own account manager, risk analyst and round the clock technical support to assist you in growing your business.
Reach out to our payment experts and learn how you can set your payments up for 3DS2, PSD2 and SCA.