Making sure your customers can still buy from you online

buy online blog

The pandemic has undoubtedly changed our expectations when it comes to buying and selling online. Businesses, large and small, have adjusted their business models, with many finding a lifeline in being able to sell online when they couldn’t welcome customers into physical stores. But with nearly a third of the UK population shopping online for the first time in 2020, and almost 90% of shoppers now regularly buying via the internet experts are predicting that these changes in shopping behaviour are permanent1.

As many people continue to shop online, it’s vital they are confident that all payments being made to your business are arriving safely. That’s why, as part of an industry regulation, stronger protections have been put in place to ensure that the risk of fraudulent activity is reduced.

What's changed?

Introduced earlier this year as part of a new industry regulation, Strong Customer Authentication (SCA), requires banks to perform additional checks to help ensure that a customer is the correct cardholder (and not a fraudster) when making a purchase. The regulation aims to reduce fraud – making ecommerce more secure – but could also mean that your customer needs to take additional steps during checkout. It also means that if the payment doesn’t meet SCA requirements, it could be declined by their bank.

The authentication process is powered by technology known as 3 Domain Server (3DS) Secure, which means that every 3DS transaction involves three parties to verify it. 3DS scans payments as they come through to determine if they seem likely to be fraudulent and enables banks to ask the customer for more proof of their identity (in line with the regulation). In October 2022, 3DS will be upgraded to an improved version known as EMV 3D Secure. This version of the technology gives banks more information on a payment, and is more suited to modern tech devices, such as mobile phones and home assistants. Our data shows that when 3DS had been applied, e-commerce fraud can be reduced by half2. What’s more implementing 3DS means banks can verify the identity of the cardholder at checkout, so if fraud does take place, your business could benefit from liability protection in some instances – you can ask your business bank about this.

At Visa, we’ve been working with our clients and partners to support the implementation of the new technology. On 15th October 2022, the previous 3DS system will be discontinued. If you are having issues authenticating payments, this is likely due to these system upgrades, and we recommend reaching out to your payment provider to discuss this transition. 

Once you’ve implemented the latest SCA technology, the next way to minimise disruption for your customers is to reduce the number of payments that require further steps at checkout. Not all payments require SCA – there are some payments that are exempt. Working with your bank or gateway, you can indicate if a customer’s payment falls under an exemption and help ensure it passes directly through for bank approval. One exemption, for instance, is that additional checks are not always required for “low value” payments. If many of the products and services you sell are for less than £30, it is worth mentioning this to your bank or gateway.

Challenge or opportunity

Whatever the size of your business, you can be certain that if you sell online in Europe or the UK, your customers will, at some point, go through additional checks including needing to provide stronger proof of their identity in line with SCA. To make sure they can, contact the company or bank that provides your website checkout service.

With the right preparation, you can reduce fraud and help ensure your hard-earned customers can still pay you easily and quickly.


Disclaimer: Case studies, comparisons, statistics, research and recommendations are provided “AS IS” and intended for informational purposes only and should not be relied upon for operational, marketing, legal, technical, tax, financial or other advice. Visa Inc. neither makes any warranty or representation as to the completeness or accuracy of the information within this document, nor assumes any liability or responsibility that may result from reliance on such information. The Information contained herein is not intended as investment or legal advice, and readers are encouraged to seek the advice of a competent professional where such advice is required.

Visa Everyday Spending, June 2020
2 Visa 3D Secure Data

Tag: Digital commerce