15% of consumers are making more online purchases since the beginning of the coronavirus crisis. Simultaneously, 20-30% of abandoned purchases are caused by problems in the payment process. The challenge thus remains to combine both security and convenience in e-commerce.
Meanwhile, more than 64% of turnover in global e-commerce comes from transactions carried out on customers’ mobile devices. In Germany, 52% of consumers use their smartphones for online shopping. For this reason, the demand for payment methods which are easily usable on mobile devices is increasing sharply. Consumers also expect seamless payment processes on their mobile devices. Therefore a “mobile first” strategy is crucial for all players.
According to Antti Ojaranta, “The pandemic also led to many customers using online shopping websites for the first time. For these customers especially, it is important not to scare them off with long and complicated payment processes.”
Tokenization supports e-commerce and mobile payment
Tokenization plays a decisive role in both e-commence and mobile payment. It allows security and ease of payments to be increased significantly. Thus, merchants can use the saved card on file based on tokenization (card data saved in token form on merchant’s server to achieve higher conversion rates and improved user friendliness. Many mobile payment processes, such as Apple Pay also function on the basis of tokenization.
Tokenization is generally a simple process: the original credit card number (aka PAN - Primary Account Number) is replaced by another number, a token. A token has a number of advantages: It can be equipped with certain additional information, such as the fact that it can only be used on a certain device, that it is valid for a limited period of time, or that it can only be used for a very specific purpose. In addition, it is not possible to deduce the original card number from a token. If cybercriminals get access to a token, they cannot do anything with it.
Tokenization is useful in a number of different scenarios. There are several ways to organize the required services. Giesecke + Devrient supports card issuers in tokenization with its "Convego Service Broker" solution. CloudPay eCOM" was developed for online merchants and their payment service providers.
Andy Ramsden said “Tokenization is good example of how payment security and convenience can be combined. High security with bad user experience brings just as little as good user experience with low payment security.”
Delegated authentication: Possibilities for merchants
The Strong Customer Authentication (SCA) prescribed by PSD2 is a challenge for all parties involved. For online merchants, this means that they should first consistently use the exemptions from SCA provided by PSD2. In addition, Delegated Authentication offers the chance to provide customers with a smooth checkout.
Delegated authentication simply means that a merchant takes over the authentication of the customer himself. The solutions of the FIDO Alliance (Fast Identity Online) offer themselves as PSD2-compliant authentication methods. If a merchant has registered its customers securely via FIDO, the login to the customer account at the merchant can be used as authentication for payment transactions. The confirmation of the authentication by the merchant is fully supported by 3D Secure in version 2.2.
For customers, this means that they no longer have to switch back and forth between the merchant app and the bank app during checkout, but can complete the payment with a single click - a great advantage especially when customers use their smartphone for online shopping.
Netcetera’s Software Development Kit, or SDK, is an ideal tool to implement 3D Secure on mobile devices.
Kurt Schmid commented “There are several technologies available to make the use of smartphones for online shopping easier, more convenient and more secure. To achieve this, banks, merchants and their relevant technology partners should be aware that each party involved can contribute to a good user experience.”