Microsoft testing shows SCA putting customers off

The results of Strong Customer Authentication (SCA) testing have shown that the increased security measures have been putting customers off completing transactions.

Dean Jordaan, director of e-commerce and payments at Microsoft UK, shared the results of the latest round of research his team has been conducting in Europe since September 2019.

Since then, Microsoft has continuously submitted a small, random percentage of customer-initiated transactions for authentication over EMV 3D-Secure (3DS).

The new SCA rules - due to be enforced next September - require authentication based on the use of two or more elements: knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is).

In practice, this requires extra steps at checkout, usually in the form of a one-time passcode sent via SMS, or some form of biometric authentication.

The Microsoft testing found that the success rates of these challenges were low to very low, meaning merchants lose sales and customers cannot get the goods and services they want.

Customers also abandon checkout at high rates when challenged, which Jordaan said suggests customers are confused, don't like the authentication method, and/or encounter poor implementations of SCA.

“Even a successful challenge takes a long time to complete, especially for app – this suggests that significant friction is added to the customer purchase experience.”

Another finding was that issuers have yet to enable SCA in some markets, for browser, app or both. Issuers also rely heavily on Visa and Mastercard for authentication stand-in, which suggests that issuers are not ready with their own implementations of EMV 3DS.

“Authorisation approval rates worsen with authentication stand-in,” wrote Jordaan. “This means that merchants are penalised for lack of issuer readiness.”

He did note that authorisation approval rates improve when the challenge succeeds. “A bright spot, this suggests the payments ecosystem can deliver on the promise of SCA.”

Justin Chace, strategic partner manager for financial services at Facebook, commented on the post: “It is so frustrating to see where the market is at with SCA given the amount of extra time the issuers and networks have had.”

    Share Story:

Recent Stories


The Rise of Instant Payments
Instant payments are creating new business opportunities for banks by providing more touchpoints than ever. With these evolutions underway, Featurespace brought leading industry experts together to discuss how they are protecting customers from fraudsters in real time, utilizing innovative and disruptive solutions to reduce fraud. Click here to find out more.

Offloading Cyber Risk in the Cloud
As cyber attacks and data breaches are in the news on an increasingly regular basis - with regulatory penalties and customer trust on the line for financial services firms - it has never been more crucial to be compliant in the cloud.

This video, with Akamai’s EMEA director of security technology and strategy Richard Meeus, will help explain what your company can be doing to make sure it’s not embroiled in the next big fine or front-page scandal.