For a retailer, building shopper loyalty remains a real challenge, especially with the increasing importance of digital technology. Sales channels are multiplying (stores, websites, cell phones, etc.) and require an omnichannel vision of the transactions carried out, while guaranteeing security in these transactions. Shopper authentication, which allows the shopper's identity to be validated securely via an online server, is therefore a major lever.
It is the way to be recognized by the service provider at any time, in order to carry out a transaction, a payment or a connection to a customer area. There are different authentication methods that can be implemented, in accordance with the Payment Services Directive (PSD2).
Specific criteria for different levels of authentication
The PSD2 regulation has changed the situation for companies wishing to offer a secure payment method to their shoppers: strong authentication is now a must.Unlike simple authentication, whose security level can be qualified as "weak" (requesting the password at each connection, for example), the verification of the user's identity, in the case of strong authentication, must include at least one additional factor (such as a validation code received by SMS, or via a mobile application).
To authenticate a shopper, in compliance with the rules in force, two of the following three pieces of information must now be requested from him
- what they know (password, secret question...) ;
- what they have (identity document, validation SMS on their phone or tablet...);
- what they are (facial or voice recognition, fingerprint...).
Thus, for example, a payment card and the validation of consent via his banking application may be enough for the shopper to complete his purchase.
"Turning your credit card into a loyalty card and receiving rewards for each transaction is now possible", explains Benoit Mouret, our Head of Product. And it's simple and secure, just like making a purchase online.
A better shopper experience thanks to secure authentication
After authenticating themselves via the two previous steps, users can benefit from their favorite retailer's loyalty program, which automatically records the points accumulated with each transaction. This applies to in-store purchases, but also to online purchases! Benoit Mouret reminds us:
One of the main objectives of the PSD2 is to reinforce consumer rights. Data is collected and stored for 90 days, with an obligation to validate the customer's consent again after this period.
For the retailer, via a service provider, the shopper's transaction history can be recovered for 90 days so that his benefits are not lost.
Shopper authentication is used to prevent unauthorized access, or to add an extra layer of security to the usual "username and password" combination. With different choices (FaceID for iOS users, SMS confirmation, fingerprint..) in addition to the "classic" shopper identification, Spaycial, which s a bank account aggregator, is directly in line with these requirements for strong authentication. So it's safe to say that giving access to your bank account via a PSD2 compliant application is more secure than paying by credit card on a non-secure website!