Webinar: Fight or flight? Alerts, disputes and the hidden costs of chargebacks – May 13th 12PM Eastern
Webinar: Fight or flight? Alerts, disputes and the hidden costs of chargebacks –
May 13th 12PM Eastern
Webinar: Fight or flight? Alerts, disputes and the hidden costs of chargebacks – May 13th 12PM Eastern
Webinar: Fight or flight? Alerts, disputes and the hidden costs of chargebacks –
May 13th 12PM Eastern
The impact of PSD2 regulation on eCommerce in Europe was the most prominent topic at the MRC Barcelona conference that took place at the end of May.
The verdict: the Revised Payment Services Directive (PSD2) significantly reduced online payments fraud in European (including the U.K.) markets but at a huge cost in terms of implementation and in sales lost to increased customer friction due to the strong customer authentication (SCA) requirement of the regulation.
PSD2, in a nutshell, is a European Union directive designed to foster innovation and competition in financial services by opening access to payment systems and customer account data, while also enhancing the security of online transactions.
A key facet of PSD2 discussed at MRC Barcelona 2023 was the requirement of Strong Customer Authentication (SCA), a protocol that mandates at least two-factor authentication for online transactions. SCA has been instrumental in enhancing online transaction security, subsequently reducing e-commerce fraud across Europe. However, this added layer of security has come with its own set of challenges and costs.
The cost of implementing PSD2 across the financial ecosystem has been substantial. Estimates suggest the financial industry has spent billions of euros on compliance, with significant resources dedicated to technology development, system integration, regulatory compliance processes, and staff training.
Merchants, in particular, have been hard-pressed to strike a balance between enhanced security measures and a seamless customer experience. It’s a tightrope walk, and any misstep could lead to abandoned carts and lost sales. To mitigate these concerns, many have turned to SCA exemptions, a provision within PSD2 that allows certain low-risk transactions to bypass two-factor authentication. According to the MRC’s 2023 Global Fraud and Payments Report, there has been a significant increase in merchant use of SCA exemptions in Europe as a means of reducing the cost of PSD2 over the past year or two.
These exemptions are based on various criteria such as low-value transactions (under EUR 30), recurring transactions, and transactions deemed low-risk based on real-time risk analysis. While these exemptions are a lifeline for merchants, they are not without their own complexities. Implementing them requires a deep understanding of the directive, a robust risk assessment mechanism, and close cooperation with acquirers and payment service providers.
For merchants, the costs have been particularly high. Aside from the direct costs associated with updating payment systems and processes, there are indirect costs that are often unaccounted for. These include the potential loss of business due to increased transaction friction, investments in understanding and applying SCA exemptions, and the expense of dealing with increased chargebacks due to failed or disputed SCA attempts.
said Renan Renner, Product Lead of Authentication at Adyen.
Of course, if true, that is an awful lot of friction to add to the customer’s checkout experience!
Part of the pain merchants are feeling when it comes to PSD2 compliance may be directly tied to failures or weak spots in the implementation of 3DS 2.0. Mastercard acknowledged at the conference in a session titled “Leveraging the PSD2 Momentum for Better Performance” that 3DS 2.0 was meant to provide better data sharing between issuers and merchants, but that has not happened yet. The card network said that merchants are not sharing all the data they could through 3DS 2.0 and that this reduces the effectiveness of the solution.
According to Mastercard, even in cases where the card issuer is incapable of digesting the additional transaction data provided by the merchant, Mastercard itself uses the additional data to provider issuers with a risk score, impacting authorization rates. The card network also said that the new version of 3DS 2.2, as opposed to 3DS 2.1, will address friction points to increase authorization rates.
However, the costs of PSD2 must be weighed against the benefits. While the transition has been challenging, PSD2 and SCA have played a significant role in reducing e-commerce fraud, providing a safer transaction environment for consumers and fostering trust in online commerce. PSD2 and its SCA requirement have led fraud rates in Europe to drop 40% following implementation, said Rohan Jain, senior product manager for payment optimization at Worldpay from FIS, at the conference.
Looking to the future, the successor to PSD2, aptly dubbed PSD3, is already on the horizon. While specifics remain hazy, the next iteration is expected to continue the trend towards increased security, open banking, and innovation.
For online merchants serving the European market, PSD3 will likely present both challenges and opportunities. On one hand, they may face increasing complexity and regulatory scrutiny. On the other hand, they stand to benefit from an evolving ecosystem that promotes innovation and consumer trust.
Moreover, as machine learning and artificial intelligence continue to advance, PSD3 might incorporate these technologies to further refine risk assessments and fraud detection. This could potentially streamline SCA exemptions, reducing friction for consumers while maintaining security.
The journey from PSD2 to PSD3 will undoubtedly require further investment and adaptation from all stakeholders. However, the ultimate goal remains constant: creating a more secure, efficient, and competitive payments ecosystem that benefits consumers, merchants, and financial institutions alike.
Starting June 17, 2025, Stripe is rolling out a major change to how it charges merchants for disputes, and if you’re not prepared, it could get expensive fast. This post will walk you through what’s changing, why it matters, and how merchants should think about Stripe chargebacks. For more information, see Stripe’s announcement here. What’s […]
Chargeback alerts and Rapid Dispute Resolution (RDR) are important tools for merchants. Using them wisely as part of an overall chargeback management strategy is key to maintaining a good reputation with card issuers. Alerts, RDR and chargeback automation have a significant impact on merchant bottom lines. While we’ve been offering chargeback alerts and RDR for […]
Payment methods and fraud techniques are ever evolving, and that means your stack needs to evolve even faster. However, with so many technologies available, it’s hard to know what’s needed, what’s useful, and what you can do without. This article examines the essentials for any payment stack in 2025, as well as emerging technologies that […]
Chargebacks don’t just entail payment reversals for merchants, but also additional fees levied by acquirers to cover the costs of managing the chargeback process. The chargeback fee, along with the chargeback amount, is normally subtracted from the payment due to the merchant in the period when a payment dispute is filed. Many acquirers and PSPs make the […]
Travel and hospitality related friendly fraud is sky high and rising – incurring huge costs to businesses forced to devote time and money to combatting illegitimate chargebacks. This marks a crisis for an industry where mere percentage points dictate who soars high and who goes under. Fortunately, a range of tools and strategies are available […]
Visa has rolled out a new program that’s changing how merchants and acquirers are monitored for chargeback and fraud ratios. Keep reading to learn what you need to know. The new Visa Acquirer Monitoring Program (VAMP) went into effect on April 1, 2025, consolidating the Visa Dispute Monitoring Program (VDMP) and Visa Fraud Monitoring Program […]
