Fraud Protection & Compliance
As I discussed in a previous blog, consumers have not been extensively educated on the impact that PSD2 will have on them. Many of the outcomes of PSD2 will be positive - the Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) will give people access to a range of new services that will help them to manage their money better and give them more flexibility in the payment providers they use.
However, the fraud prevention measures that form an integral part of PSD2 will have a knock-on effect for consumers. In some instances, security checks will make initiating a payment more difficult and irritating. Sometimes the checks may even stop it.
Poor Customer Management will Impact the Bottom LineWe already know that introducing friction into customer transactions is viewed negatively. Many organisations consider losses to abandoned transactions as important or more important as losses to fraud. PSD2 means that payment service providers (PSPs) must use Strong Customer Authentication in the payments process.
Asking customers to prove they are the legitimate account holder using multiple factors adds friction to the customer journey. When this happens frequently, customers may consider the PSP to be at fault and look to use alternative payment providers or even close their accounts. The introduction of Strong Customer Authentication will impact all PSPs but there will be winners and losers, and those that can effectively communicate with their customers and steer them through the process stand to be the winners.
Fortunately, there are strategies and tools that can help, and PSPs should begin to consider them now:
- Reducing the need for Strong Customer Authentication by using Transaction Risk Analysis to secure payments.
- Balancing the techniques used to authenticate customers so that you reduce friction. For example, can you use technologies that are invisible to the customer? Can you use a technique that your customers are already familiar with and accept? If customers are already familiar with one-time passcodes, could that be extended to help meet the Strong Customer Authentication requirements of PSD2?
- How you communicate with a customer when a process such as a payment initiation is stopped. PSD2 mandates that when authentication fails you must communicate with the customer in order to reset the authentication. If the transaction is genuine, the customer is likely to be frustrated by their inability to progress; if it’s an attempt at fraud, customers need to know about it as soon as possible and feel secure that you are taking all necessary steps to protect them. In both cases, two-way communication with the customer needs to be quick and effective. This means that you must understand the preferred and easiest way to communicate with your customer in the given circumstances and you must have the ability to execute on it as soon as possible.
Helping PSPs Communicate with their CustomersKnowing that communications is at the heart of maintaining customer relationships disrupted by fraud checks, we recommend PSPs use FICO® Customer Communications Services (CCS) to help manage PSD2 communications. CCS seamlessly integrates with your fraud solution so that you can effectively manage communications with your customer when they are affected by fraud checks. Automated review of the customer account history enables CCS to identify the best way to communicate with the customer, by their preferred communication channel. When appropriate, CCS can supply one-time passcodes that can be used as one of the factors needed for multi-factor authentication.
It’s important to plan now. Turn poor PSD2 experiences into positive ones by putting customers at the centre of the process and giving them visibility and control.
Join our webinar “Are Your Fraud Operations Ready for PSD2?” on November 2.
In this video, FICO blogger Gabriel Hopkins talks about the impact of PSD2 on consumers, including fraud authentication: