Ecommerce Europe, in association with a number of pan-European stakeholders representing the digital, retail and payments sectors, has co-signed a letter addressed to European Commission Vice-President Valdis Dombrovskis regarding the European Banking Authority’s (EBA) draft regulatory technical standards on Strong Customer Authentication and common and secure communications under the Payment Services Directive 2. Although Ecommerce Europe welcomes that the EBA has taken into account the e-commerce industry’s concerns and acknowledged the importance of a risk-based approach through a Transaction Risk Analysis (TRA) to online merchants’ business models, Ecommerce Europe continue to stress that the draft standards fail to address the importance of the merchant side to the application of TRA. By not accounting for the customer information held by online merchants, valuable information that only online merchants have will be lost as a factor of minimizing transactional risk. More legitimate payment transactions will thus be declined as customers’ PSPs/banks will not be able to pinpoint all low-risk transactions. We therefore urge the Commission to work with the EBA and the e-commerce industry to address the below points in line with the spirit of the revised Payment Services Directive and to the benefit of the EU’s Digital Single Market:
- Merchants and their PSPs must be given the option to use TRA, and their individual fraud rates must be taken into account
- TRA must apply to the dynamic linking requirement
- Fraud tolerance thresholds should be simplified, based on available industry norms and applied to all transactions, with no upper transaction limit
To read the full letter, please click here.