back to insights


April 16, 2021

How to reduce Cart Abandonment Rate with Risk-Based Authentication?

When talking about online payments, the first red flag that comes to mind is fraud. But there is another threat that is being overlooked, that being cart abandonment, which is causing headaches for both merchants and issuers. The first version of the 3D Secure protocol lacked in the user experience segment, making the cardholders suspicious when processing their payments, thus abandoning their purchases. Let's see how Risk-Based Authentication tackled this issue and eliminated friction which was the leading cause for increased cart abandonment rates.

Risk-Based Authentication Cart Abandonment Rate

Cart abandonment rate, a silent threat

Cart abandonment rate is a common KPI for measuring the performance of your web store. It indicates how many customers added an item to your web store shopping cart but never finalized the purchase.

In other words, it showcases the rate of customers who showed interest in a particular product/service by adding it to the cart but left without making the purchase compared to the total number of completed transactions. 

Industry benchmark based on a number of studies states that the average cart abandonment rate is 69.80%. An abandonment rate greater than the industry benchmark can be induced by a variety of reasons, some of them being shipping costs, required sign-up, limited payment options, or checkout processes that are hard to follow.

By tracking their cart abandonment rates, merchants can better understand how their customers behave during their online shopping experience. Also, it is a helpful tool for determining why visitors are not converting into customers.

3D Secure 1 pain points

Security threats in the online payments environment are as real as they get, but the simple truth is that most cardholders did not encounter such unpleasant situations. From their perspective, additional security layers are seen as an inconvenience during the checkout process, making the cardholder abandon the purchase because of long checkout time or unfamiliarity with the screens presented. The first version of the 3D Secure protocol provided sufficient security. Still, it did not consider the user experience, especially when discussing mobile versions of the web stores, because the protocol was introduced long before such channels of eCommerce stepped to the scene.

This resulted in a spike in cart abandonment rates because cardholders had to deal with more friction in order to process a single payment, although that meant a more secured transaction. From the cardholder's perspective, heightened security measures were seen as irritating rather than looked positively upon.

Luckily, the newest version of the protocol, 3D Secure 2, introduced Risk-Based Authentication, enabling frictionless transactions while further improving the payment's security. 

How Risk-Based Authentication helps

Risk-Based Authentication calculates the level of risk for a particular transaction. Upon scoring the transaction as either high, medium, or low risk, the cardholder is challenged with additional authentication steps if needed. It is a dynamic, parameter-driven system that appoints an appropriate authentication method according to an individual transaction's risk score.

Some of the mentioned parameters include the device, location, network, transaction amount, number of transactions, delivery address, behavioral history, new or existing customer, and more.

To better understand how Risk-Based Authentication works, let's use a real-life example. Suppose a new customer is processing a purchase. In that case, the system detects that there is no previous transaction history connected to the card being used, and the cardholder will likely be challenged in the form of an additional authentication method. However, suppose an existing customer is processing a transaction with an, e.g., known device, and the transaction is within the transaction amount average. In that case, the cardholder won't be asked for any additional authentication, and a frictionless transaction will be processed.

Tackling Cart Abandonment Rates with RBA

Risk-Based Authentication promotes the so-called frictionless transactions, i.e., a transaction that does not require additional authentication on the cardholder side because the transaction is deemed low risk. It allows issuers to approve a transaction without interacting with the cardholder. By eliminating friction, the user experience is automatically improved.

A complete flow, enabled because of Risk-Based Authentication, is the following:

  1. A customer adds items to their shopping cart and proceeds to confirm the order.
  2. After entering their usual purchase information, a customer proceeds to checkout.
  3. ACS server collects and checks the risk-based parameters (e.g., device, network, browser version, delivery address, transaction amount...)
  4. A thorough history review is being performed which compares the transaction with the customer's behavioral profile.
  5. If the transaction risk score is low, ACS authenticates the cardholder without demanding additional interaction with the cardholder.

Benefits for the cardholders are obvious, a secured transaction with minimum effort regarding authenticating themselves. But the business benefit for merchants lies in reduced cart abandonment rates caused by reduced friction during the processing of online payments. It allows merchants to protect themselves and their customers from fraud while increasing revenue and customer satisfaction due to the frictionless experience enabled by Risk-Based Authentication.

As of right now, issuers are not confident in granting frictionless transactions, i.e., transactions that do not require additional authentication. The reason being is the fact that the issuing banks are the ones who take the liability in case of a fraud attempt. However, risk scoring services are acquiring more and more data by the minute and working on enhanced AI data analytics that are being applied to that same data in order to create and analyze customer profiles. This will result in detecting even the smallest deviations from the standard profile and the issuer can step in with SCA to confirm the authenticity of the cardholder.

For more information, contact our team at [email protected] to get a free, zero-obligation consultation or try our DEMO to see 3D Secure in action.

download datasheet
Request Trial

Interested in TriDES2?

Subscribe to our newsletter
© Asseco South Eastern Europe 2021. All rights reserved
clouddownload linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram