Issuers recognize that businesses want to deliver a flawless customer checkout experience, regardless of whether the transaction qualifies for an exemption. Many card networks have thus implemented Delegated Authentication systems.
Delegated authentication schemes that comply with PSD2 enable issuers to “assign authority” to a third party. A third party might be the merchant or someone acting on their behalf; the third party would be responsible for managing SCA. This enables retailers to continue providing customers with a smooth checkout experience since retailers would no longer be sent to the issuers’ network in order to complete a 3DS challenge. All the while, they are maintaining compliance with regulatory regulations.
PSD2 mandates that all transactions pass SCA authentication, which is the issuer’s duty. The merchant or third party will choose the authentication method if delegated authentication is allowed. This may be based on their unique understanding of the customer, their behavioral patterns, and other factors. For instance, retailers may choose to validate transactions for customers signed in to their account and have previously conducted some authentication. This would result in a frictionless checkout procedure that does not need 3DS, enhancing conversion and optimizing the consumer experience while maintaining PSD2 compliance.
When merchants accept responsibility for validating transactions, they pass liability for chargebacks. Therefore, merchants must ensure that they only seek delegated authentication for transactions in which they have full confidence. Otherwise, companies risk seeing a rise in chargebacks.
Suppose merchants choose to assume responsibility for transaction authentication. Or assign the responsibility to a third party of their choosing. They must understand that if they do so, they or a third party acting on their behalf will face all chargeback responsibility. In consequence, this will enhance a merchant’s exposure to risk.
To reduce this risk, merchants must have an effective fraud prevention system. This is especially important when dealing with high-value or low-risk transactions. If a merchant wants to execute high-value transactions, their authentication must be commensurate with the amount of risk posed by the transaction. As a consequence, they will need a more powerful fraud protection system. A powerful fraud solution helps merchants assume authentication responsibility, especially for transactions with little financial risk. In addition, exemption requests need an anti-fraud solid solution. It should be included in the payment optimization package of a merchant.
Below is an infographic from LoginID entitled “How Delegated Authentication and Payment Authentication work with PSD2.”
