Cart abandonment rate is a common KPI for measuring the performance of your web store. It indicates how many customers added an item to your web store shopping cart but never finalized the purchase.
In other words, it showcases the rate of customers who showed interest in a particular product/service by adding it to the cart but left without making the purchase compared to the total number of completed transactions.
Industry benchmark based on a number of studies states that the average cart abandonment rate is 69.80%. An abandonment rate greater than the industry benchmark can be induced by a variety of reasons, some of them being shipping costs, required sign-up, limited payment options, or checkout processes that are hard to follow.
By tracking their cart abandonment rates, merchants can better understand how their customers behave during their online shopping experience. Also, it is a helpful tool for determining why visitors are not converting into customers.
Security threats in the online payments environment are as real as they get, but the simple truth is that most cardholders did not encounter such unpleasant situations. From their perspective, additional security layers are seen as an inconvenience during the checkout process, making the cardholder abandon the purchase because of long checkout time or unfamiliarity with the screens presented. The first version of the 3D Secure protocol provided sufficient security. Still, it did not consider the user experience, especially when discussing mobile versions of the web stores, because the protocol was introduced long before such channels of eCommerce stepped to the scene.
This resulted in a spike in cart abandonment rates because cardholders had to deal with more friction in order to process a single payment, although that meant a more secured transaction. From the cardholder's perspective, heightened security measures were seen as irritating rather than looked positively upon.
Luckily, the newest version of the protocol, 3D Secure 2, introduced Risk-Based Authentication, enabling frictionless transactions while further improving the payment's security.
Risk-Based Authentication calculates the level of risk for a particular transaction. Upon scoring the transaction as either high, medium, or low risk, the cardholder is challenged with additional authentication steps if needed. It is a dynamic, parameter-driven system that appoints an appropriate authentication method according to an individual transaction's risk score.
Some of the mentioned parameters include the device, location, network, transaction amount, number of transactions, delivery address, behavioral history, new or existing customer, and more.
To better understand how Risk-Based Authentication works, let's use a real-life example. Suppose a new customer is processing a purchase. In that case, the system detects that there is no previous transaction history connected to the card being used, and the cardholder will likely be challenged in the form of an additional authentication method. However, suppose an existing customer is processing a transaction with an, e.g., known device, and the transaction is within the transaction amount average. In that case, the cardholder won't be asked for any additional authentication, and a frictionless transaction will be processed.
Risk-Based Authentication promotes the so-called frictionless transactions, i.e., a transaction that does not require additional authentication on the cardholder side because the transaction is deemed low risk. It allows issuers to approve a transaction without interacting with the cardholder. By eliminating friction, the user experience is automatically improved.
A complete flow, enabled because of Risk-Based Authentication, is the following:
Benefits for the cardholders are obvious, a secured transaction with minimum effort regarding authenticating themselves. But the business benefit for merchants lies in reduced cart abandonment rates caused by reduced friction during the processing of online payments. It allows merchants to protect themselves and their customers from fraud while increasing revenue and customer satisfaction due to the frictionless experience enabled by Risk-Based Authentication.
As of right now, issuers are not confident in granting frictionless transactions, i.e., transactions that do not require additional authentication. The reason being is the fact that the issuing banks are the ones who take the liability in case of a fraud attempt. However, risk scoring services are acquiring more and more data by the minute and working on enhanced AI data analytics that are being applied to that same data in order to create and analyze customer profiles. This will result in detecting even the smallest deviations from the standard profile and the issuer can step in with SCA to confirm the authenticity of the cardholder.