The results of Strong Customer Authentication (SCA) testing have shown that the increased security measures have been putting customers off completing transactions.

Dean Jordaan, director of e-commerce and payments at Microsoft UK, shared the results of the latest round of research his team has been conducting in Europe since September 2019.

Since then, Microsoft has continuously submitted a small, random percentage of customer-initiated transactions for authentication over EMV 3D-Secure (3DS).

The new SCA rules - due to be enforced next September - require authentication based on the use of two or more elements: knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is).

In practice, this requires extra steps at checkout, usually in the form of a one-time passcode sent via SMS, or some form of biometric authentication.

The Microsoft testing found that the success rates of these challenges were low to very low, meaning merchants lose sales and customers cannot get the goods and services they want.

Customers also abandon checkout at high rates when challenged, which Jordaan said suggests customers are confused, don't like the authentication method, and/or encounter poor implementations of SCA.

“Even a successful challenge takes a long time to complete, especially for app – this suggests that significant friction is added to the customer purchase experience.”

Another finding was that issuers have yet to enable SCA in some markets, for browser, app or both. Issuers also rely heavily on Visa and Mastercard for authentication stand-in, which suggests that issuers are not ready with their own implementations of EMV 3DS.

“Authorisation approval rates worsen with authentication stand-in,” wrote Jordaan. “This means that merchants are penalised for lack of issuer readiness.”

He did note that authorisation approval rates improve when the challenge succeeds. “A bright spot, this suggests the payments ecosystem can deliver on the promise of SCA.”

Justin Chace, strategic partner manager for financial services at Facebook, commented on the post: “It is so frustrating to see where the market is at with SCA given the amount of extra time the issuers and networks have had.”

Share Story: