Extra security checks for online purchases will reduce fraud but they could also cause e-commerce chaos for unprepared retailers unless a new frictionless approach to verification is adopted, writes Martin Wilson, CEO of Digital Identity Net.
It is estimated that more than 5.1
million cases of online fraud are reported every year in the UK at an annual cost of £367million – roughly equivalent to more than £1 million
a day in losses.
On March 14 2022, the UK introduced Strong Customer Authentication (SCA) for online shopping. The rules, mandated by the Financial Conduct Authority, will require a two-step verification process for any online purchase over £25 and have been introduced to
clamp down on online fraud.
While SCA is a welcome and overdue step in tackling this problem, it is accompanied by significant challenges for both retailers and consumers.
Shoppers will be required to comply with extra security checks to verify their identity and have been warned to expect delays at online checkouts and an increase in payment failures. This will add significant friction in areas where there is poor mobile
signal coverage or where retailers have not adequately prepared.
While the extra few seconds on a purchase should be a small price to pay for increased security, research shows that it has a direct impact on consumer habits. According to data from Barclays, as many as one
in three UK consumers give up on online purchases if the security checks take too long.
The rules are already having an impact, with new
research from Barclays revealing that UK retailers lost £130 million in sales in the first month since the introduction of SCA requirements.
Fail to prepare…
So, retailers unprepared for the requirements and unable to adapt to the changes will face an increase in payment failures and could lose customers.
This is especially true for retailers that rely on card payments but can no longer accept them or have a subscription-based payment model reliant on regular card payments.
Transactions where payments are rejected without any explanation are responsible for as much as 20% to 40%of subscriber churn.
UK Finance, the trade association for the financial services industry, has warned online retailers of the need to adequately prepare for SCA. The rules have been several years in the making and were originally meant to be implemented as far back as September
However, even the most compliant and prepared businesses will still be impacted by SCA. This is partly because some online shoppers will be unwilling to submit to extra security checks, but it is mostly because of the inefficiencies, friction and inconsistency
of the current system when it comes to verifying customers’ identity.
A new approach is necessary
What we need is a frictionless model built around a digital identity utility that lets people prove their identity at checkout and securely complete their transactions with just a few clicks. This needs to be a standardised, consistent model, in line with
current banking apps, in order to build familiarity and trust with customers.
This model can be built around investments already made (such as Open Banking) and data already held by banks, who hold verified identities for 98% of the UK adult population. Not
only would it reduce payment failure rates, but it would also help retailers solve other headaches such as accurate age verification.
Furthermore, a functioning digital identity service would also help tackle the rise in other financial scams such as Authorised Push Payments and so-called ‘romance’ scams.
Such systems already exist elsewhere in Europe. Both Sweden and Norway have used their respective bank-based identity schemes as a way to prove identities and authenticate all kinds of transactions, including online purchases. Both have proved effective
and have been widely adopted.
Sweden’s Bank-id launched in 2003 and is now the de facto electronic identification system in the country with 6.5 million active users, which accounts
for 94% of smartphone users.
Meanwhile Norway’s BankID scheme has reduced payment fraud from 1% to just 0.00042% of transaction value.
In summary, retailers shouldn’t have to compromise to meet SCA requirements and consumers shouldn’t have to compromise to be secure.
UK banks have verified the identity of the vast majority of the UK’s adult population and the infrastructure to support secure checkouts without introducing new friction for customers already exists. The solution can be implemented, and data can be securely
shared by leveraging the investment already made in Open Banking, enabling people to prove who they are quickly and simply. This doesn’t need huge investment or legislative change; it just needs action from the banks and retailers to adopt.