So far, 3DS2 doesn’t look ready to deliver on its promise of improved customer experience and higher authorization rates.
It’s now six years since we heard about PSD2 – Europe’s Second Payment Service Directive, and five years on from the release of 3D Secure 2.
Despite the many (many) delays to the roll-out of Strong Customer Authentication (SCA) across Europe, 1st January 2021 marked the passing of the official European Banking Authority (EBA) recommended SCA enforcement date. However, multiple countries have released their own roll-out plans with a range of final deadlines up to the fourth quarter of 2021.
So what’s really happening with European payments?
Ravelin collected insights from transaction data, regulators, card schemes, and feedback from merchants during the first two months of the year. What they are seeing?
As expected, it looks like there are already significant variations between countries when it comes to 3D Secure adoption rate and success. „We also heard from merchants directly about unusual performance from several European countries, so we took a closer look at performance for some of these,” Ravelin said.
Based on merchant feedback, Ravelin looked at their transaction data for January – February 2021 in Denmark, France, Spain and Germany.
„It’s important to keep in mind that we’re only looking at a subsection of transactions, so we can’t know the full story. We are only reporting on transactions on cards issued by the above four countries where we know: 1) If 3DS was attempted, 2) If 3DS was successful, 3) If the transaction was successful.”
Across all four countries – main findings:
. 97% of transactions were sent to 3DS for the authentication process to be attempted
. 5% were successfully authenticated through frictionless authentication (no challenge to the cardholder)
. 26% of all 3DS challenges failed authentication
Next, let’s look at the variations between countries on failed transactions.
Failed authorization for selected European country issued cards
There are some significant differences here – and especially worrying performance from Danish-issued cards. What could be behind this?
The Danish Financial Supervisory Authority had previously set the SCA enforcement date for March 2021, and then later announced that it had changed to 11th January at the last minute. It’s likely that this has caused a lot of confusion and disrupted payments for Danish-issued cards, and we’re seeing the consequences in failed transactions.
To learn more about where 3DS was successful but authorization failed, we looked at which 3DS version is failing more to see if there are any lessons here.
Failed authorization rates for 3DS v1.0.2 and 3DS 2.1.0
Surprisingly so far, successfully authenticated 3DS2 payments have failed authorization at a much higher rate than 3DS1. From speaking with merchants, we understand that 3DS is being initiated for transactions paid with alternative payment methods, including ApplePay, which indicates something has gone wrong.
We’ve also been hearing that the implementation work around 3DS2 is causing problems for merchants, with some saying it’s the most confusing they’ve seen in years! This could be behind the failure rate for 3DS2 transactions, with many issuers rushing preparations and mass confusion across the market.
So far, 3DS2 doesn’t look ready to deliver on its promise of improved customer experience and higher authorization rates. This is a reminder that it’s critical to monitor issuer behavior, enable dynamic authentication and avoid 3DS whenever possible to maximize acceptance rates.
The full analysis here
Banking 4.0 – „how was the experience for you”
„So many people are coming here to Bucharest, people that I see and interact on linkedin and now I get the change to meet them in person. It was like being to the Football World Cup but this was the World Cup on linkedin in payments and open banking.”
Many more interesting quotes in the video below: