Ecommerce Europe calls on European legislators to apply pressure for a risk-based approach to electronic payments authentication


In light of the ongoing drafting of regulatory technical standards on Strong Customer Authentication by the European Banking Authority and tomorrow’s scrutiny by Members of the European Parliament, Ecommerce Europe calls on European co-legislators to challenge the approach taken to electronic payments authentication, to preserve online merchants’ business models.

It is essential for the growth of e-commerce that regulation facilitates and stimulates innovative methods of electronic payments authentication rather than focus on only one method. Ecommerce Europe strongly endorses dynamic authentication methods such as risk management and targeted customer authentication methods, which have been proven to provide an equal level of security and payment fraud protection while preserving online merchants’ business models. The sector calls on the European Banking Authority (EBA) and European co-legislators to include provisions for dynamic authentication methods to facilitate a balanced approach to payments security and customer convenience in the EBA’s final draft regulatory technical standards. As proposed, the technical guidelines could have a damaging impact on investment and the future competitiveness of the European e-commerce sector as they are too restrictive and impose too burdensome procedures on online merchants and customers. If not changed appropriately, they put at risk the future of European e-commerce.

 “The unique selling point of e-commerce lies in its ability to provide the consumer with fast, convenient and safe methods to shop for any goods and/or services which would usually not be available to them. The e-commerce sector is increasingly moving towards providing tailor-made offers and options to customers, and customers in Europe have become used to this high level of convenience. As proposed, the one-size-fits-all approach to Strong Customer Authentication for all transactions above a €10 threshold threatens the intricate balance in checkout convenience, leading to a more cumbersome authentication process and an increase in shopping cart abandonments.”

-Marlene ten Ham, Secretary General of Ecommerce Europe

‘Targeted Authentication’ as a technologically neutral alternative to fight online fraud

Ecommerce Europe voices its strong concerns that the one-size-fits-all approach to authentication undertaken by the European Banking Authority is going to prove inadequate in the ongoing fight against online fraud, thus contradicting the original spirit of the Payments Services Directive 2. As a more static authentication tool than risk-based approaches, Strong Customer Authentication fails to adapt to new and evolving parameters and fraud patterns.

A recent study by the consultancy Clever Advice demonstrates that dynamic authentication measures such as Targeted Authentication provide an equally safe alternative to Strong Customer Authentication. Targeted Authentication requires a level of customer intervention in the electronic payment authentication process that is relevant to the risk associated with each individual transaction.