Dominic White, Visa’s Acting Country Manager for Ireland, on how e-commerce businesses in Ireland can prepare for EU payments regulation, SCA
Over the past twelve months, the way we shop has changed. The pandemic forced many businesses across the world to close their doors, with many finding a lifeline in being able to sell online, some even for the first time.
Similarly, many consumers have started to embrace online shopping for their everyday purchases. In fact, in Ireland, Visa saw an almost 40% increase in e-commerce transactions in December 2020 compared to December of the previous year, according to VisaNet Data.
So, it has become even more important that businesses in Ireland can provide a positive, secure and great experience when selling online and serving their customers via digital channels.
Introduction to SCA
A new European regulation was introduced in Ireland on 1st January 2021 and is being gradually implemented until the deadline on 1st July 2021. The regulation is called Strong Customer Authentication (SCA) and is part of a broader payments regulation known as PSD2. It aims to reduce fraud by adding another layer of security to online payments to ensure the person making a payment is the authorised cardholder, and not a fraudster.
The industry has steadily been getting ready for SCA over the past couple of years and businesses across Ireland are being encouraged to take the necessary steps to prepare for the upcoming July deadline. If your business is not ready, it could make it harder for your customers to pay at online checkouts.
SCA encourages the use of two-factor authentication to ensure that the authorised cardholder is the same person making the payment. Many of your customers may have already noticed some changes to their checkout experience and needed to provide additional verification of their identity when paying online.
When SCA is in place, the cardholder will be asked for two pieces of information such as something they know, like a password; something they have, such as a phone or card reader, or something relating to who they are, like a fingerprint or facial recognition. If they cannot be identified, the payment could be declined.
But the good news is that business-owners have the power to prevent this from happening by installing a piece of technology to their online checkout and we’re here to tell you how.
Have an online business? Visa outlines the simple steps to get ready for SCA
To be ready for the regulation, businesses can use a piece of technology called 3D Secure (3DS). It scans payments as they come through to determine if they seem likely to be fraudulent and enables banks to verify the authenticity of the customer by asking them for more proof of their identity.
At Visa, we believe the best way to make sure your customers’ payments support the regulation is to add the latest version of this technology - EMV 3D Secure. This version gives banks more information on payments and is also more suited for use on mobile phones and other smart devices.
Contact your business bank or payment gateway
Implementing the right technology is straightforward. The company that enables your website to take payments or runs the checkout section of your website – it could be your business bank or a payment gateway - should be able to “switch on” this technology on request. But this will not happen automatically; if you want to use the latest 3DS, you must ask the provider.
Identify any exemptions with your bank
There are some e-commerce transactions which are out of scope of the regulation, and others that may be exempt. One exemption, for example, is that additional checks are not always required for “low value” payments. If many of the products and services you sell are less than €30, it is worth mentioning this to your bank or gateway.
Challenge or opportunity
More than three quarters of Ireland’s largest e-commerce businesses have already implemented the technology required to support SCA, according to Visa merchant enablement data from March this year, and Visa is urging small businesses not to get left behind. Whether you are a local restaurant operating an online click & collect service, an online retailer or indeed any independent business that uses online payments; SCA will apply to you.
The Montenotte Hotel in Cork is one such business that recently upgraded its payments system to be ready for SCA.
Ray Kelleher, director of sales and marketing, The Montenotte Hotel, explains the steps he took: “The term Strong Customer Authentication (SCA) was new to us at The Montenotte Hotel, but over the past few months we have begun to understand the importance of this new EU requirement to reduce fraud and make online payments more secure. By speaking to our website booking engine provider and our merchant provider, we were able to take the necessary steps.
"It was a seamless process but a most important one for us, as more than 35% of our room revenue is driven through our website and booking engine. Thankfully, we are SCA-ready, and I would encourage any business that operates online to check with their business bank or payment gateway that they too have the right technology in place.”
Make your business SCA ready today. For more on SCA, check out Visa.ie.
