The Payment Services Directive 2 (PSD2) has fundamentally reshaped the European payment landscape since its full enforcement began in 2021. What started as a regulatory framework designed to enhance security and competition in digital payments has evolved into a cornerstone of modern e-commerce operations across the EU. For online merchants, PSD2’s impact extends far beyond compliance—it has redefined customer authentication, fraud prevention strategies, and the overall user experience.
After more than four years of full implementation, the effects of PSD2 are now clearly visible across the merchant ecosystem. While the directive has successfully reduced certain types of payment fraud, it has also introduced new challenges around customer friction and transaction declines that continue to shape how businesses approach online payments.
Key Takeaways
- PSD2’s Strong Customer Authentication (SCA) requirements have been fully enforced since September 2021, fundamentally changing how EU customers authenticate online payments.
- Fraud reduction has been significant, but merchants have had to balance security gains against increased transaction friction and potential customer abandonment.
- Strategic use of exemptions and optimizations has become critical for merchants to maintain conversion rates while remaining compliant.
- The connection between PSD2 and chargebacks shows mixed results—while some fraud-related chargebacks have decreased, authentication failures can create new dispute scenarios.
- Customer experience innovations like trusted merchant whitelisting and improved 3D Secure 2.0 implementations have helped merchants adapt to the new requirements.
- Ongoing compliance and optimization remain essential as regulators continue to refine enforcement and merchants discover new best practices.
The Evolution of PSD2: From Implementation to Optimization
By September 2021, EU national regulators had completed the transition to full SCA enforcement, marking the end of grace periods and the start of stricter supervision. This marked the end of the transitional period and the beginning of a new era for European e-commerce.
The journey from PSD2’s initial announcement to full enforcement has been marked by several key phases. The regulation officially took effect on September 14, 2019, but many countries implemented grace periods to allow merchants and payment processors time to adapt. The COVID-19 pandemic further complicated the timeline, with some jurisdictions extending deadlines to accommodate the surge in online payments.
Now, in 2025, PSD2 is no longer a “new” regulation—it’s an established part of the payment ecosystem. Merchants have had time to implement comprehensive strategies, and the initial disruption has given way to more sophisticated approaches to authentication and fraud prevention.
Understanding Strong Customer Authentication (SCA) in Practice
Strong Customer Authentication remains at the heart of PSD2’s impact on merchants. The requirement for two-factor authentication on electronic payments has created both opportunities and challenges for online businesses.
All electronic payments (i.e., card payments and bank transfers) require SCA unless an exemption can be applied or the transaction is considered out of scope for SCA—for example, merchant-initiated transactions (e.g., direct debit). This broad application means that most online card payments now require additional authentication steps.
The implementation of SCA has led to several key developments:
Enhanced Security Infrastructure: Merchants have invested heavily in 3D Secure 2.0 implementations, which provide a more seamless authentication experience compared to the earlier 3D Secure 1.0 protocol. This technology enables risk-based authentication, where low-risk transactions may be authenticated without customer interaction.
Exemption Strategy Development: Successful merchants have developed sophisticated approaches to requesting and managing SCA exemptions. Customers can allowlist trusted merchants to avoid repeated authentication. These allowlisted merchants can benefit from an SCA exemption for repeat transactions, provided certain criteria are met from SCA for trusted beneficiaries, provided criteria are met. This trusted merchant status has become a valuable tool for improving customer experience.
Risk-Based Authentication: The integration of advanced fraud detection systems has allowed merchants to better identify when SCA can be bypassed through legitimate exemptions, reducing unnecessary friction for legitimate customers.
The Impact of PSD2 Over Time: Pros, Cons, and Merchant Challenges
Positive Impacts
Fraud Reduction: The most significant benefit of PSD2 has been the reduction in card-not-present fraud. The additional authentication layers have made it substantially more difficult for fraudsters to complete unauthorized transactions. This reduces the likelihood of fraudulent transactions, consequently decreasing the number of illegitimate chargebacks.
Improved Customer Trust: While initially disruptive, the enhanced security measures have ultimately increased customer confidence in online payments. Consumers have adapted to the additional authentication steps, and many now expect this level of security.
Innovation in Payment Technologies: PSD2 has driven innovation in payment processing, leading to better user interfaces, more sophisticated risk assessment tools, and improved mobile payment experiences.
Ongoing Challenges
Transaction Declines: One of the most persistent challenges has been the increase in transaction declines due to authentication failures. Customers who struggle with or abandon the authentication process can lead to lost sales and revenue.
Customer Experience Friction: Despite improvements in 3D Secure 2.0, the additional authentication steps still create friction in the checkout process. SCA represents one of the most significant shifts in digital payment security in the past decade. Even if you don’t do business in the EU market, SCA could have a huge impact on the future of your business
Operational Complexity: Managing exemptions, monitoring compliance, and optimizing authentication flows require ongoing technical resources and expertise that some merchants struggle to maintain.
Cross-Border Complications: For merchants operating across multiple jurisdictions, managing different regulatory requirements while maintaining a consistent customer experience remains challenging.
PSD2 and Chargebacks: A Complex Relationship
The relationship between PSD2 and chargebacks has evolved significantly since its implementation. While the directive was designed to reduce fraud and, by extension, fraud-related chargebacks, the reality has been more nuanced.
Positive Chargeback Impacts
Reduced Fraud-Related Chargebacks: Additionally, PSD2’s transparency requirements mean that consumers will receive more detailed transaction information, making it easier for them to identify legitimate charges This improved transparency has helped reduce “friendly fraud” cases where customers dispute legitimate charges they simply don’t recognize.
Stronger Authentication Evidence: When disputes do occur, merchants now have stronger evidence of customer authentication, which can be valuable in chargeback defense cases.
New Chargeback Challenges
Authentication Failure Disputes: Some chargebacks now stem from authentication failures or technical issues during the SCA process, creating new categories of disputes that merchants must navigate.
Increased Complexity in Dispute Resolution: The additional authentication requirements have made chargeback investigations more complex, requiring merchants to provide detailed technical evidence of authentication attempts and failures.
Evidence Management Complexity: Merchants must now maintain comprehensive records of authentication attempts, exemption requests, and technical logs to effectively dispute chargebacks—a task that can be overwhelming without proper automated systems.
Current Industry Data and Projections
Recent industry analysis shows mixed results for chargeback trends in the post‑PSD2 era. According to the 2023 True Cost of Fraud™ Study by LexisNexis, North American merchants lose an average of $4.61 for every $1 of fraud, factoring in chargebacks, fees, and operational costs. Meanwhile, broader industry reports—including Mastercard and Chargeflow—project that global eCommerce chargeback losses will reach $33.79 billion in 2025 and rise to $41.69 billion by 2028. While PSD2 has helped reduce card-not-present fraud across Europe, global chargeback costs continue to climb, driven by the rapid growth of digital commerce and evolving fraud tactics.
These rising costs, combined with the increased complexity of PSD2-related disputes, highlight the critical need for merchants to have robust chargeback management systems that can handle the nuanced requirements of post-PSD2 dispute resolution.
Best Practices for Merchants in 2025
Optimization Strategies
Exemption Management: Successful merchants have developed sophisticated systems for requesting and managing SCA exemptions. This includes maintaining low fraud rates to qualify for exemptions and implementing robust risk scoring to identify when exemptions are appropriate.
Customer Education: Proactive communication about authentication requirements has proven essential. Merchants who invest in clear, multilingual explanations of the authentication process see better completion rates.
Technical Implementation: Continuous optimization of 3D Secure 2.0 implementations, including mobile-optimized authentication flows and seamless integration with existing checkout processes.
Compliance Monitoring
Regulatory Updates: Staying current with evolving regulatory guidance from national authorities and the European Banking Authority remains crucial for ongoing compliance.
Performance Metrics: Monitoring key performance indicators including authentication success rates, transaction decline rates, and customer satisfaction scores related to the checkout experience.
Chargeback Management Integration: Implementing comprehensive chargeback management solutions that can handle the unique complexities of PSD2-related disputes while maintaining high win rates and reducing operational overhead.
The Future of PSD2 and Merchant Compliance
As we move through 2025, PSD2 continues to evolve. We are also witnessing regulators lay down the law when it comes to instant payments. In January 2025, the Instant Payments Regulation was updated to require payment service providers in the Euro area to charge the same or lower free for instant payments as for regular payments, showing how the regulatory landscape continues to develop.
Merchants should prepare for continued evolution in several areas:
Enhanced Risk Assessment: Regulators are likely to refine guidelines around risk-based authentication and exemption criteria, potentially allowing for more sophisticated fraud detection approaches.
Cross-Border Harmonization: As other jurisdictions consider similar regulations, merchants may need to adapt their systems for global SCA-style requirements.
Technology Integration: Emerging technologies like biometric authentication and advanced AI-driven fraud detection will likely become more integrated with PSD2 compliance strategies.
Navigating PSD2 Chargebacks: The Justt Advantage
The complexity of PSD2-related chargeback management requires specialized expertise and sophisticated tools. This is where Justt’s AI-powered chargeback management platform becomes invaluable for merchants operating in the post-PSD2 landscape.
How Justt Helps with PSD2 Challenges
Automated Evidence Collection: Justt’s platform automatically gathers and organizes the complex technical evidence required for PSD2-related disputes, including authentication logs, exemption requests, and SCA compliance documentation.
Intelligent Dispute Classification: The AI system can identify whether a chargeback is related to authentication failures, technical issues, or traditional fraud, enabling merchants to craft more effective responses tailored to the specific nature of PSD2 disputes.
Regulatory Compliance Support: Justt stays current with evolving PSD2 regulations and enforcement guidelines, ensuring that chargeback responses align with the latest regulatory requirements and best practices.
Performance Analytics: Merchants can track how PSD2 implementation affects their chargeback rates, identify patterns in authentication-related disputes, and optimize their payment flows to reduce future chargebacks.
Conclusion
PSD2 has fundamentally transformed the European payment landscape, creating both opportunities and challenges for online merchants. While the initial implementation period brought significant disruption, the regulation has ultimately driven innovation and improved security across the e-commerce ecosystem.
Success in the post-PSD2 world requires merchants to balance security, compliance, and customer experience through strategic implementation of authentication technologies, careful management of exemptions, and ongoing optimization of payment flows. Equally important is having robust chargeback management systems that can navigate the increased complexity of PSD2-related disputes.
The key to success lies not just in meeting regulatory requirements, but in leveraging PSD2’s framework to build trust with customers, reduce fraud, and create competitive advantages in the digital marketplace. With the right tools and expertise—including AI-powered chargeback management solutions like Justt—merchants can turn PSD2 compliance from a regulatory burden into a strategic advantage.
As we look toward the future, PSD2 will likely serve as a template for similar regulations worldwide, making European merchants’ experience with these requirements increasingly valuable on the global stage. Those who invest in comprehensive compliance and chargeback management strategies today will be best positioned to thrive as the regulatory landscape continues to evolve.
Ready to simplify PSD2 compliance and reduce chargebacks? Discover how Justt’s AI-powered platform can help you stay ahead of evolving payment regulations—get started today!