Regulation

SCA requires online merchants to introduce two-factor authentication processes at the checkout stage, such as One-Time-Passcodes or Biometrics, to reduce the risk of e-commerce fraud. The deadline is currently set at December 31, 2020, after the EBA agreed to a further 18-month extension last August.

Citing difficulty implementing new technology when most staff are working from home, members of EPIF, which counts Visa and Mastercard as members, are asking for a minimum six-month delay to the implementation of SCA across their services.

However justified this request might be given the current circumstances caused by Covid-19, it is shortsighted and will ensure that payments companies pay more down the line. First of all, e-commerce has been booming due to an enormous number of transactions moving online given the ongoing global self-isolation requirements. This increase in volume of online purchases, coupled with an influx of many new, inexperienced e-commerce users, is a perfect reason for fraudsters to ramp up their activity.

Consumers who are new to buying most of their necessities online are also more likely to be trusting of various sources than those used to e-commerce. A particular example would be the elderly, who now have to order their groceries online. These consumers will be easy targets for fraudsters.

Saving money now on implementing a new security technology will pale in comparison to the higher price needed to be paid in the future by payment companies to reimburse fraud victims who could have been protected had SCA been in place. Not only will companies lose money directly, but potentially also the trust and loyalty of consumers following fraud attacks.