Search

How will the European payments landscape change in 2019?

By Brian Gaynor

The Second Payment Services Directive (PSD2) is part of the European Commission’s efforts to create a safer, more innovative payments environment in Europe. The legislation, which builds on the groundwork laid by the original payment directive in 2009, has significant mandates coming into force in September 2019.

With rising concern surrounding the increasing levels of ecommerce fraud in Europe, one of the key aims of the new regulation is to help ensure that payment procedures are safe and secure. Consumers must feel confident that paying for goods online is just as secure as physically visiting a bricks and mortar store.

As regulations try to keep pace with the rapidly expanding ecommerce industry, merchants must respond with preparation and agility in order to remain competitive. However, PSD2 is not the only major trend in European ecommerce which is shaping how consumers shop and pay for their products.

UK market powers ahead

The UK remains the dominant force in European ecommerce, with a market worth €178.5bn*, a figure that dwarfs its next-biggest rivals, France (€81.7bn) and Germany (€73bn). Aided by its advantage of language – much of the technology powering ecommerce comes from the US – and the country’s early and widespread use of debit cards, the UK’s healthy lead in ecommerce has widened in recent years, having grown by double-digit rates each year.

However, growth in these established markets is now stabilising and the impact of Brexit is an unknown factor for 2019.

The online shopping sectors in Germany, France and the UK are due to rise at a compound annual growth rate (CAGR) of approximately 7-10% between 2017 and 2021. Other, less heralded, markets now represent compelling opportunities: of the 18 countries surveyed in J.P. Morgan’s Payment Trends – Global Insights Reports, 10 are set to enjoy double-digit Business 2 Consumer (B2C) ecommerce market expansion between now and 2021, with the Czech Republic (16% CAGR), Italy (14%) and Spain (13.5%) ranking highest for predicted growth.

London

Mobile commerce the main driver of growth

Such advances are being spurred by the increasing consumer adoption of technology and smart devices. Alongside the rising penetration of smartphones, mcommerce innovation is producing app-based retail sites and payment systems, making it easier for consumers to shop online.

Although this is particularly evident in the UK, where mobile devices have become the primary device with which to spend online, other smaller and mid-level markets continue to innovate and pivot to a mobile-led future. The Czech Republic, IrelandNorway and Sweden stand out as fellow rapid adopters of smartphone-based payments.

These opportunities bring with them challenges that must be overcome. For example, some of the smaller European markets must develop their payments infrastructure to reach the sophistication of the more established ecommerce markets. In Italy, payment on delivery with cash, with a 45% share of the market, is still the most popular way to pay for ecommerce transactions.

Source: 2019 J.P. Morgan Payments Trends – Global Insights Report: Data has been provided to J.P. Morgan Merchant Services by Edgar, Dunn and Company.

Cards are still king in Europe

If we look at ecommerce transactions overall however, cards continue to represent the primary payment method across the majority of European markets (cards were the number-one payment method in 11 of the 18 countries J.P. Morgan assessed). Card use is particularly strong in high spending, digitally advanced countries with a high bank penetration.

At present, card payments are highest in Denmark (63.4% of ecommerce payments), Ireland (60%) and the UK (53%). There are some notable exceptions. In Germany, for example, card payments are relatively small due to historically low credit and debit card penetration. Bank transfers and open invoicing are the most popular ways to pay for online goods there.

Technological innovation is also driving the diversity of the payments environment. While the growth of digital wallets is a global trend, their rise in Europe is particularly striking. Both established and less advanced ecommerce economies are embracing this payment method. In Italy, for example, just under one in three online purchases are now made using an e-wallet; in the UK this figure is one in four. 

As the smartphone has become an indispensable part of daily life, the growth of digital wallets and other mobile endorsed technology is perhaps inevitable.

Yet, given the high brand recognition of major card payment providers like Visa® and Mastercard®, and advances in online anti-fraud technology, cards are expected to remain an essential part of the payments landscape to 2021.

Debit cards

Transition to PSD2

Despite the growing acceptance of online shopping and digital payment methods, there is still a significant number of consumers who are reluctant to pay for products online, which is understandable. In Europe, approximately 2% of online shoppers experience fraud each year.

Source: 2019 J.P. Morgan Payments Trends – Global Insights Report: Data has been provided to J.P. Morgan Merchant Services by Edgar, Dunn and Company via Eurostat, 2017.

It is envisaged that PSD2 will help increase the security of shopping online and therefore encourage the growth of ecommerce, without disrupting the buying experience for consumers.

When PSD2 mandates go live in September 2019, there will be widespread implications for all companies in Europe involved in the payments ecosystem. The changes will create opportunities for players looking to take advantage of a more open banking sector, while incumbent companies will need to prepare for a fragmented landscape with emerging challenges.

Stimulating innovation

At present, customers principally access their bank accounts through the products and channels provided by their banks. PSD2 opens up banks’ payments infrastructure and customer data assets to third parties, enabling the emergence of Payment Initiation Service Providers (PISP) and Account Information Service Providers (AISP).

Under PSD2, a PISP can initiate a payment on behalf of a customer directly from their bank account. By creating a new way for consumers to pay for products, PSD2 will generate a new payments landscape. This is an exciting development but will take a number of years to establish itself due to the very different banking regulations and processes in each country, as well as consumer inertia around switching from payment methods which they know and trust. An EU-wide payment system is therefore unlikely in the short-term, although there might be some localised or regional schemes.

Meanwhile, with the new regulations an AISP can access a customer’s financial data directly from their bank. By harmonising the obligations of payment providers and effectively levelling the playing field, PSD2 offers fintech companies an unprecedented opportunity - online companies and start-ups will be able to access the spending data and habits of consumers, allowing them to create innovative and tailored banking products.

For example, they could aggregate all of a user’s different bank accounts in one place, such as an online portal or in a mobile app, or they could develop budgeting services and price comparison websites offering accounting help and product recommendations. For merchants, potential products may also provide greater credit checking insights by evaluating the spend patterns of a consumer across their accounts with different institutions.

Digital

Moving to Strong Customer Authentication (SCA)

Although the promotion of innovation stands as a key driving force for PSD2, the regulation’s primary goal is to create a safer European payments framework. PSD2 includes a specific mandate that focuses on strong customer authentication (SCA) as a way to improve security for the consumer. SCA is two-factor authentication, a security system that obligates the consumer to provide more than just a password to complete a transaction.

The two factors may simply require a piece of user-specific information that only they know, coupled with something the user possesses, such as a mobile phone or something inherent like a fingerprint, iris recognition or voiceprint. The major card schemes already have a security protocol for card-not-present transactions called 3D Secure 2.0. By implementing this scheme, merchants will satisfy their SCA obligations arising from PSD2.

While the immediate challenge for merchants will be to develop interfaces that can accommodate such security measures, the greater risk is disrupting the buying experience for consumers. The implementation of two-factor authentication threatens to be counter-productive by creating a more complicated payment process that makes consumers less inclined to shop online. Merchants must be ready - it is imperative that all of these new systems mesh to create a seamless shopping and payment experience.

Phone thumbprint

Given these concerns over the customer journey, PSD2 has provisions that allow merchants to offer ‘frictionless flow’ for certain transactions, passing them through to the issuer without the need for SCA. There are several exemptions allowed from SCA but merchants need to consider what is most appropriate to their business:

  • Low-value Transactions:  Below €30 but cumulative transactions exceeding €100 or six consecutive low-value transactions must be challenged
  • Recurring Transactions: Same value or varying values in specified scenarios
  • Trusted Beneficiaries: Where the consumer adds a merchant to a whitelist with their issuer
  • Secure Corporate Exemption: Restricted to specific travel and lodging use cases
  • Transaction Risk Analysis: Exemption based on fraud rate of acquirer

The rules and implementation methods for some of these exemptions are still evolving and so in the months running up to PSD2’s launch, merchants should speak with all parties in the payment ecosystem to evaluate the most appropriate implementation for them.

Transaction Risk Analysis (TRA) provides the greatest control for the merchant. TRA involves the analysis of various factors, such as customer location or payment history, to determine whether a transaction might be fraudulent. The transactions a merchant can exempt from SCA will be determined by the size of the transaction and the fraud rate of their acquiring bank (see below).

Source: J.P. Morgan

By implementing 3D Secure 2.2 – the next iteration of the protocol – merchants will be able to flag SCA exemptions, including TRA, offering a purchaser the most ‘frictionless flow.’ The good news is that the upgrade is relatively minor once the merchant is already using 3D Secure 2.0.  

In terms of advice for merchants, Brian Gaynor, Executive Director for Product Solutions, Merchant Services Europe for J.P. Morgan, emphasises the need for preparation: “There’s now a scramble for everyone in the payments ecosystem – merchants, acquirers and issuers – to get ready for September 2019, and not everyone is going to be fully ready. For example, there has been a focus on the impact of PSD2, and particularly the exemptions, but until they come into force, there is a degree of uncertainty around how they will be interpreted and implemented across the geo. The TRA exemption is dependent on the fraud rate of the acquirer – have you asked yours what their fraud rate is? Do you know what exemptions they support and how they will be applied? These are conversations that should be happening now. Time is running out.

Secure door

There is the potential for security to become incentivised. As merchants will have thresholds for the size of transactions they can be exempt from, based on the fraud rate of the acquirer, merchants may start seeking out financial providers with a good record of fraud prevention, as this would allow them to offer the consumer a more convenient experience. Acquirers and other entities in the payment processing ecosystem should be driven to improve their own fraud rates so that they can offer frictionless flow to merchants at higher thresholds.

While concerns over the impact to the customer journey are valid and teething problems are inevitable, it should be remembered that consumers want the feeling of enhanced security, so by definition there is a desire for the process to become more rigorous. The balancing act for the industry and merchants alike will be to protect the consumer without damaging the overall experience.

To learn more about how to prepare your business for PSD2, visit J.P. Morgan Payment Insights for Europe.

You can also register here to attend J.P. Morgan’s upcoming webinar on PSD2 – Is your business ready? 

Brian Gaynor, Executive Director for Product Solutions, Merchant Services Europe, J.P. Morgan

The information herein or any document attached hereto does not take into account individual client circumstances, objectives or needs and is not intended as a recommendation of a particular product or strategy to particular clients and any recipient of this document shall make its own independent decision. This document and the information provided herein may not be copied, published, or used, in whole or in part, for any purpose other than expressly authorised by Chase Paymentech Europe Limited. © 2019, JPMorgan Chase & Co. All rights reserved.

Chase Paymentech Europe Limited, trading as J.P. Morgan, is regulated by the Central Bank of Ireland.

Registered Office: J.P. Morgan, 200 Capital Dock, 79 Sir John Rogerson's Quay, Dublin 2, D02 RK57, Ireland.

Registered in Ireland with the CRO under the Registration No. 474128.

Directors: Catherine Moore (UK), Carin Bryans, Dara Quinn, Steven Beasty (US), Eilish Finan

*All data is collected from the J.P. Morgan Payment Trends series, unless otherwised specified

Join thousands of other Online Retail professionals

Get unique insights straight to your inbox for free, and improve your understanding of online retail. Subscribe to Online Retail Weekly now.

SDSI BNR IMRG DS 2019 v1