EBA rules will inconvenience consumers online

New European regulations will undermine the progress the payments industry has made towards convenient online payments.

The European Banking Authority (EBA) is set to finalise its proposed new rules for authenticating online payments in early 2017. Currently, the EBA is set to mandate “strong customer authentication” (SCA) for all online transactions over €10 ($10.70) in value, following the requirements of the new Payment Services Directive. According to Verdict Financial’s Online Consumer Payments Analytics, the average online transaction value in EU markets in 2015 was just under €20 ($21.40), meaning that these new rules stand to affect the majority of online payments in the markets concerned.

The EBA’s proposals will require consumers spending over €10 online to go through extra authentication steps beyond entering card information (or accessing stored card information), such as entering passwords or one-time codes, or even using physical card readers, in order to make payments. Major industry players including Visa have voiced their displeasure with the proposals – and the EBA has stated that they may need to consider changing the transaction value threshold for SCA as a result, though not whether they will consider changing the nature of authentication required from manual data entry challenges to something less obtrusive.  As currently written, the proposals stand to inconvenience consumers shopping online and thus impede the strong growth of the European online commerce market.

European markets are some of the most engaged in online commerce in the world – after China and the US, the UK, Germany, and France are the largest online commerce markets by value of transactions globally. Furthermore, the UK has the single highest average household spend online of any market, with the average UK household spending $5,900 online in 2015 (source: Verdict Financial’s Online Consumer Payments Analytics), or 9% of the average household consumption expenditure for that year. The UK in particular is therefore likely to be strongly affected by these new rules (assuming they continue to apply in the future).

Convenience and security have always been opposing forces in online consumer payments, but from a consumer perspective convenience is generally the priority. Most consumers are concerned about online card fraud, but they choose their payment tools due to a combination of convenience and comfort, with security generally being the third-most important reason consumers select their payment tools. Security is considered important by consumers, but not at the expense of convenient online purchasing.

Adding steps to the online checkout process greatly increases the chance of customers abandoning their purchase entirely, which causes both merchants and payment providers to lose potential income. Cart abandonment is a perennial issue for online merchants, and has led to the creation of a variety of fast checkout services such as Amazon’s One-Click and PayPal’s One Touch. These services store consumer card details and recognise users by passive, background means such as their historic purchasing behavior and the devices they use to minimise friction in online payments and maximise revenue.

The EBA’s proposals threaten to severely limit fast checkout services, and indeed all online payment services that use dynamic or risk-based authentication. If these proposals are entered into EU law unamended, they will slow down growth and innovation in European online commerce.