The right mix of payment methods: Who is afraid of SCA?

Strong customer authentication is delayed, but it will be mandatory from mid-March at the latest. Therefore, the risk of payment default will be rising for merchants who offer credit card payments. You can eliminate this risk by offering wide range of payment options.

On December 21, 2020, the majority of German merchants received an early Christmas present. The Federal Financial Supervisory Authority (Bafin) decided on another delay in the mandatory implementation of the so-called strong customer authentication (SCA), which was actually planned to be implemented at the turn of the year. The Bafin now allows an exception for transactions under 250 euros until February 15 and for transactions under 150 euros until March 15.

For many merchants, the SCA is a sword of Damocles that has been hovering over their heads since the revised Payment Services Directive (PSD2) was passed. The SCA requires two-factor authentication for the customers when making transactions on the Internet. Entering the expiration date and the credit card verification number will no longer be sufficient in the future. In addition, shoppers then have to give their fingerprints or enter a code received via SMS, for example.

The salespeople fear this much more complicated process could discourage customers from shopping online. Now one could counter that since the PSD2 was passed, there has been more than enough time to implement the corresponding systems and to get customers used to them. After all, the Bafin has granted postponements several times, and the directive has actually been in effect since 2019.

However, such criticism falls short. On the one hand, we are not talking about minor corrections here, but about a fundamental system change. On the other hand, it is by no means just the merchants, who were slow-moving with the implementation. The banks and credit card companies are also obliged to provide the appropriate infrastructure and interfaces. Among other things, the German E-Commerce and Distance Selling Trade Association complains that the systems of many banks do not yet meet the requirements. In addition, not all financial institutions offer the same procedures. Some offer an app solution, others rely on SMS-TAN.

Anyway, the question arises as to how hard this innovation will actually hit e-commerce. Because at least the Germans are not big fans of credit cards in online shopping. According to various surveys, they only use this payment method for 10.5 percent of the transactions, as, for example, the retail research institute EHI determined. Instead, Germans prefer to buy on open invoice (32.8 percent), PayPal (20.2 percent) or direct debit (18.3 percent). The SCA does not apply to open invoice and direct debit, to PayPal only if the customer has a credit card on file for them. Accordingly, these payment methods could benefit in the coming months if customers are put off by two-factor authentication with credit cards.

Studies on the shopping cart abandonment rate also speak in favor of this. For example, those merchants who offer the most common payment methods plus prepayment can reduce their checkout abandonment rate to three percent, as the Ibi Research Institute at the University of Regensburg found out. In view of the upcoming obligation for two-factor authentication, merchants should not only create the necessary infrastructure for this, but – if they have not already done so – definitely expand their payment portfolio to protect themselves against possible defaults.