opinion

PSD2 Progression and Performance Testing

PSD2 Progression and Performance Testing

The latest deadline came and went, and the world still wasn’t ready for the new PSD2 Secure Customer Authentication requirement. It’s not like we didn’t have ample time to get ready; we’ve been talking about it for several years. After all, the December 31, 2020 deadline was the second deadline imposed. Now, as we head into our third month of 2021, more time has been granted to allow everyone to meet the SCA requirement: enforcement will be gradual across the European Union throughout the year.

One of the challenges for many is meeting the requirement through 3D Secure 2.0 (3DS2). Since we already support 3DS2 and had prepared for PSD2, we decided to give it a try, turning it on as a soft launch for two weeks in December. In this month’s column, we thought we’d share what we learned and what you as acquirers, processors and merchants can expect when PSD2 is live and we’re all using 3DS2.

Card schemes are introducing measures to encourage merchants to support 3DS2.

PSD2 Principles

In a nutshell, the PSD2 Secure Customer Authentication (SCA) requirement was designed to make payments safer and increase protection while ensuring a level playing field for all players new and old. For any consumer-initiated electronic transactions like new sign-ups and one-click purchases, the SCA requires double authentication. That means two or more elements of something a person knows, like a pin or password, something only they can possess, such as a credit card, and something that can only identify the person, like their fingerprint or voice recognition.

For internet and mobile purchases, an extra element is needed, typically an authentication code. The most recommended way to handle the SCA requirement is through 3DS2. In fact, we dedicated a large portion of our development resources to upgrading our 3D secure integration from 1.0 to 2.0 as well as making the system support the SCA requirement for only those transactions that were impacted by the PSD2 mandate: EU to EU transactions.

As I said earlier, enforcement of the legislation continues to change. First, it was slated for September 2019, then it was pushed to December 31, 2020. Now, since many of the large issuers are still not ready to support PSD2, processors, acquirers and merchants are playing a guessing game on when this will all be officially enforced.

For now, each European country has its own migration plan, which has different levels of SCA enforcement based on the transaction size and date. It’s predicted that full enforcement across the EU will be in place by summer for most countries. The U.K. has targeted September 14.

The Performance Test

When we gave 3D2 a trial run two weeks before the end of December, we monitored the soft declines to see what was needed to meet the requirements of PSD2. We were able to identify a few interesting things. The 3D secure additional pay page fields displaying the full address and phone number caused some issuers to decline. When we sent them through again without the fields on the 3D rails, the bank approved the transaction without an issue.

From this test, we feel there will be some friction from consumers who don’t want to input those fields on a payment page, especially from merchants in our space. This could potentially lead to losing the customer before any payment attempt is initiated. What has become very clear, is that we will need to have a very detailed rollout plan that follows how many of the EU countries will be implementing 3DS2. It also highlighted that as a processor, you’ll need to review your U.S. merchants’ transactions to determine which 3D rails are the best to process the transactions through.

Call in the Data Doctor

To address these issues and keep things moving forward, we dedicated a team to analyzing this transactional data and help to identify any new issuers that are enforcing the PSD2 3D Secure requirement. For now, we’re utilizing both 3D Secure 1.0 and 2.0. We feel it’s important to analyze the impact of the 3D 2.0 rails vs. the 1.0 rails. By doing this, you can ensure you have the maximum approval rates on all transactions.

Creating this flexible configuration will allow you to manage the results that are being generated by the transactional data: for example, if the PSD2 requirement has been implemented by the merchant, country, acquirer and issuer level and by the price point. This is important, because as each country begins enforcing PSD2, you can turn on your own enforcement, which will make all transactions go down the 3D secure 2.0 rails with the additional pay page requirements.

Card schemes are introducing measures to encourage merchants to support 3DS2. Mastercard is planning to decommission 3DS 1.0 in October of 2022 and Visa will remove liability shift in Europe starting this October. If you’re still not ready for PSD2, the best recommendation is to be ready as soon as possible. Keep working at it and do your own trial run before enforcement is in place. If you need help with PSD2 implementations, we can help point you in the right direction.

Cathy Beardsley is president and CEO of Segpay, a global leader in merchant services offering a wide range of custom financial solutions including payment facilitator, direct merchant accounts and secure gateway services. Under her direction, Segpay has become one of four companies approved by Visa to operate as a high-risk internet payment services provider. Segpay offers secure turnkey solutions to accept online payments, with a guarantee that funds are always safe and protected with its proprietary Fraud Mitigation System and customer service and support. For any questions or help, contact sales@segpay.com or compliance@segpay.com.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

Segpay Marks 20 Years of High-Risk Triumphs

Payment processors are behind-the-scenes players in the world of ecommerce, yet their role is critical. Ensuring secure, seamless transactions while navigating a rapidly changing regulatory landscape requires both technological expertise and business acumen.

Jackie Backman ·
opinion

The SCREEN Test: How to Prepare for Federal Age Verification

For those who are counting, there are now 20 enacted state laws in the United States requiring age verification for viewing online adult content, plus numerous proposed laws in the works. This ongoing barrage has been exhausting for many in the adult industry — and it may be about to escalate in the form of a potential new AV law, this time at the federal level.

Corey D. Silverstein ·
opinion

How to Master Team Dynamics for Business Success

Having the right team in place is everything. Whether getting a startup off the ground and thriving, or safeguarding an established company, the right — or wrong — people can mean the difference between a successful venture and a failed dream.

Juicy Jay ·
opinion

Eight Steps to Fast-Track AI Site Approval for Processing

Artificial intelligence is a hot topic these days. AI technology is speeding up the way we do business across all industries and offers numerous benefits, from automating processes to increasing efficiency and scalability.

Cathy Beardsley ·
opinion

How to Secure High-Risk Transactions With Network Tokenization

Ensuring the security of data as it moves through digital channels is the foundation of safe transactions, and crucial for your success. If your business can’t secure transactions, you’re exposed to myriad processing traumas.

Jonathan Corona ·
profile

WIA Profile: Reba Rocket

As chief operating officer and chief marketing officer of Takedown Piracy, long at the forefront of intellectual property protection in adult entertainment, Rocket is dedicated to safeguarding the livelihoods of content creators and producers while fostering a more ethical and sustainable industry.

Women In Adult ·
opinion

Protecting Content Ownership Rights When Using AI

In today’s digital age, content producers have more tools at their disposal than ever before. Among these tools, artificial intelligence (AI) content generation has emerged as a game changer, enabling creators to produce high-quality content quickly and efficiently.

Corey D. Silverstein ·
opinion

How Payment Orchestration Can Help Your Business

An emerging payment solution is making waves in the merchant world: the payment orchestration platform (POP). It’s quickly gaining traction as a powerful tool for managing online payments — but questions abound.

Cathy Beardsley ·
opinion

Fine-Tuning Refund and Cancellation Policies

For adult websites, managing refunds and cancellations isn’t just about customer service. It’s a crucial factor in maintaining compliance with the regulations of payment processors and payment networks such as Visa and Mastercard.

Jonathan Corona ·
profile

WIA Profile: Laurel Bencomo

Born in Cambridge, England but raised in Spain, Laurel Bencomo initially chose to study business at the University of Barcelona simply because it felt familiar — both of her parents are entrepreneurs. She went on to earn a master’s degree in sales and marketing management at the EADA Business School, while working in events for a group of restaurants in Barcelona.

Women In Adult ·
Show More