Saturday was 14th September- the day that the EU SCA (Strong Customer Authentication) ball was scheduled to drop. It didn't. It would seem that a reprieve has been granted to schemes and banks and (hopefully) Fintechs and TPPs will be given the same time to get their proverbial ducks in a row. I have been following SCA closely because I think that Australia has something to learn. SCA is all about preventing credit card fraud. Transactions that fall into certain categories (based on the amount, type of merchant and frequency amongst other things), will require the customer to authorise using 2-factor authentication before they can go through. This will rely upon a robust and intricate series of APIs for success. These APIs and subsequent access permissions are only possible thanks to PSD2 (the EU equivalent of our Consumer Data Right) which has made Open Banking style interactions possible.
Companies such as Stripe have been forecasting doom in the form of abandoned shopping carts for months and diligently purchasing biometric companies (amongst other things) to arm themselves. In an age when consumers want fewer barriers to purchase but, seemingly conversely, also demand more security, this will be an interesting roll-out... when it eventually happens... I am very interested to see if shopping cart abandonment will increase and if fraud will decrease. Will these things be directly correlated and, if so, can SCA be called a success?
Either way, I hope in Aus we watch and learn! We are at the beginning of our CDR and Open Banking journey. Our conversation is still largely focused on the 'new' consumer tools that can be developed using our legislation - tools that allow account aggregation, account switching, better credit assessments and financial wellness nudges. I love these tools and am just as excited about them as the rest of the industry, but, I am more excited about the new ways that payments will be consented to, authorised and protected (and yes, I know that our Open Banking is read-only - no transaction instigation possible... but that doesn't mean the externally instigated transaction can't be secured and authorised using open banking technology).
So, SCA may not have happened on Saturday, September 14, but, it will eventually happen and I don't think I will be the only one in Aus with my notebook (and maybe popcorn) ready!
Checkout the original story here: