Built-in SCA: A game-changer for B2C businesses tackling PSD2’s requirements

Embedded finance offers numerous solutions for B2C enterprises. These include digital wallets, cards, fast cross-border payments, multi-currency support, and many other tools and features that can be seamlessly integrated into a company’s existing platform. However, due to the strict requirements of PSD2, few, if any, of these will be available to you if your business fails to implement Strong Customer Authentication. To find out what this entails, we turned to our own Rita Stankevičiūtė, Product Manager at ConnectPay.

Back in 2015, seeking to reduce fraud and provide an additional layer of security to payments, the European Union launched the Payment Services Directive 2, better known simply as PSD2. One of the requirements stipulated in the Directive’s revised version is that certain types of payment must be safeguarded by using what is called Strong Customer Authentication (SCA).

The criteria of this requirement are fairly straightforward, or at least seem so at first glance. Businesses dealing with “customer-initiated” online, or contactless offline, payments in the UK and Europe must integrate at least two out of three additional elements into their checkout systems. The first element has to do with things the customer knows (e.g., password or PIN). The second encompasses physical items the customer has (e.g., mobile device or hardware token). And, finally, the third element refers to something the customer is (e.g., face or voice recognition).

“As with most similar regulations, the PSD2 also includes a number of exemptions. These apply to certain types of payment, such as low-risk transactions, phone sales, merchant-initiated transactions, and payments below a specific amount. For most B2C businesses focused on onboarding private individuals, however, these are largely irrelevant,” Rita explained.

What’s the solution, then? The default option is to develop the necessary digital infrastructure in-house or to outsource development to a third party. Both of these come with serious downsides in terms of time and resources. Depending on circumstances, including the nature and extent of your business, you might even have to start a compliance department just to take care of all the legal complexities properly.

“But today, this is not the only option,” Rita said. “Some embedded finance providers are now offering embedded, that is to say, built-in, compliance as part of the service package. This means that clients can integrate the features they need, while offloading the handling of regulatory matters to the provider.”

ConnectPay is one such provider. Noticing the growing need for more basic solutions among businesses with relatively straightforward needs (e.g., those not needing things like branded cards or onboarding business clients), we developed a stripped-down embedded finance version of our standard, built-in regulatory compliance module. In addition to its other features, it also includes the implementation and management of the required SCA elements on behalf of the customer.

Usually, embedded finance providers tailor their solutions to even the most demanding of businesses in terms of security and compliance standards. This makes perfect sense, as you want your core product to cover as much ground as possible. And yet, some customers would much prefer to keep things simple.

“By partnering with us, such B2C companies, who are new to embedded finance, will not have to deal with SCA – at all. This means no keeping of enhanced logs, no user management to worry about, no maintenance of API certificates to ensure, no need for engaging external vendors, and no additional password protection to put into place. We’ll take care of payments, statements, account top-ups and other SCA-related business, making the onboarding process a total breeze,” Rita explained.

Finances can be complex, but we’re here to simplify them for our clients. Our embedded finance solutions go beyond just compliance; once we noticed we could take the burden of SCA off some of our clients’ shoulders, we developed a solution for that. This means B2C companies can focus on what matters most to the business, while we handle the complexities for them.
