Skip to main content
PSD2 – Managing Fraud Intelligently

PSD2 – Managing Fraud Intelligently

Comply with PSD2 and protect your customers’ experience.

Solution Details

Fraud in remote payments, such as online transactions, has long been a concern. PSD2 looks to tackle this through better authentication of activity where there is a risk of fraud; such as making a payment or changing account details. Responsibility for payment security must be managed by payment service providers. PSD2 mandates the use of strong customer authentication as the means to do this. Strong customer authentication means that customers must authenticate their identities using two factors, each from a different category from the below:

  • Inherence - this means something they are, for example a biometric.
  • Knowledge - secure information they know, such as a password.
  • Possession - this means verifying something they have, for example their mobile phone.

Meeting the requirements of strong customer authentication means that consumers will frequently be asked to perform additional steps or provide additional information — adding friction to the customer journey. Customers don’t like delayed or difficult processes and PSPs who fail to handle the process well could lose customers.

There are two ways in which payment service providers can take the steps required by PSD2 while also protecting the customer experience. They can either use permitted exemptions to reduce their need to perform strong customer authentication or they can orchestrate strong customer authentication in a way that limits negative impacts on a customer’s journey.