PSD2 – Why is Transaction Risk Analysis Important for PSPs?

September 04, 2017

PSD2 – Why is Transaction Risk Analysis Important for PSPs?

Worried about increasing levels of fraud, particularly in remote payments, the regulators have made fraud prevention a cornerstone of PSD2. The regulated use of Strong Customer Aut…

Sarah Rutherford by Sarah Rutherford
Fraud Protection & Compliance

Worried about increasing levels of fraud, particularly in remote payments, the regulators have made fraud prevention a cornerstone of PSD2. The regulated use of Strong Customer Authentication (SCA) by payment service providers (PSPs) to secure payments is laid out in the Regulatory Technical Standards for PSD2.

However, the use of SCA to secure every payment over €30 could cause problems for PSPs. It could impact the level of customer service they can offer by forcing them to add friction to the consumers’ payment process, forcing consumers to re-authenticate themselves using multiple factors at the point of payment.

There is a difficult balancing act between fraud reduction and customer experience. PSPs will be allowed to manage this balance by securing payments using transaction risk analysis (TRA) – as long as they can keep their fraud rates low enough (see the transaction value table from the regulatory technical standard, below).

PSD 2 transaction value chart

TRA is a method for identifying fraud by observing the behavior in the transaction by the counterparties involved (see our PSD2 Glossary definition). It is not a new method of fraud detection but PSD2 strengthens the use case for TRA, particularly when it can be deployed in real time.

Why should PSPs secure payments using TRA?

  • It will help them retain customers and attract new ones. TRA happens in real time but is invisible to the customer, therefore it does not add friction to the customer journey. To keep customers happy and retain them, PSPs must reduce friction to a minimum, and TRA can help them to do this.
  • It could save them money. SCA requires authentication using a minimum of two factors, each of these must be from a different category:
    • Inherence – something you are (e.g., a biometric)
    • Possession – something you have (e.g., a device)
    • Knowledge – something you know (e.g., a password)
Understanding when TRA can be used and also how transaction risk monitoring is needed for PSD2 is complex. For more information to help you build your strategy for using SCA and TRA, read our executive brief PSD2 and Transaction Risk Analysis: Why It’s Important to You.

As SCA cannot be avoided completely, PSPs will need to have solutions to deliver these factors in place. However, pricing for these solutions is often based on usage – there may even be a per-check charge. Using TRA whenever possible could help drive down the cost of authenticating payments under PSD2.

Join our webinar “Are Your Fraud Operations Ready for PSD2?” on November 2.

Fraud
fraud management
psd2
Regulation
regulatory compliance
Retail Banking

related posts

popular posts
eKYC – Why Malaysian Banks Must Act Now!
popular posts
AI Predictions 2021: Artificial Intelligence Crosses the Chasm
popular posts
Why Do Fraudsters Use Synthetic Identities?
popular posts
5 Ways to Combat Fraud During the Holidays
popular posts
FICO Named Category Leader for Financial Crime - Enterprise Fraud

RT @ScottZoldi: Trust in #AI is a hot topic, and @VentureBeat talks about how consumers are wary. VB cites the @CoriniumGlobal/@FICO report…

57 minutes ago

RT @FICO_Events: Join Matt Higginson of @McKinsey_MGI, and @FICO's Bruce Curry in this upcoming webinar to discuss the gains from using tec…

4 hours ago

Introducing, @FICOcloud Community Decision Hero, Andy Flint, Senior Director of Product Management. Checkout Andy's… https://t.co/0QmKJ0HAae

6 hours ago