This website uses cookies. By using the website you agree with our use of cookies. Know more


The future of online purchase

By Pedro Cerqueira
Pedro Cerqueira
Husband, father, former water polo athlete, now an obstacle course runner with Nikes. Passionate about data and product development.
View All Posts
The future of online purchase


I believe the future of online purchase will be heavily tied to how well businesses can adapt to new regulations within a very complex ecosystem, such as the Payments Industry. With that in mind, let me share how at FARFETCH we took on the Strong customer authentication challenge to support our customers when completing their purchase. In the end, I expand on what I believe to be the future of payments and online purchases.

What is strong customer authentication?

Strong customer authentication (SCA) is a requirement of the EU Revised Directive on Payment Services (PSD2) on payment service providers within the European Economic Area (EEA). The requirement ensures that electronic payments are performed with multi-factor authentication to increase the security of electronic payments.

SCA has been a hot topic for a while in the Payments’ Industry, but more so since January 2021. This is because the European Banking Authority mandated that the SCA requirements should be fully enforced since then across Europe. In response, many European countries have communicated their individual enforcement timelines, which they have been updating ever since.

Since then, slowly but surely banks, card issuers, payment service providers and merchants have been preparing and launching their payment experience to support customers completing their purchases securely.

What changes for the FARFETCH customer with SCA?

It’s normal to think that once customers click or tap the "place order" button, they will be immediately redirected to the order confirmation page or screen, signalling a successful purchase at FARFETCH.

The hard truth is that it’s a bit more complex than that. There are many validations happening behind the scenes between many different parties to guarantee that the transaction can take place (e.g. funding checks, fraud checks, etc).

The SCA payment flow is just one more validation which adds an extra bank authentication step that needs to be performed by eligible customers before they are able to complete their purchase securely via card.

When customers in the EEA pay via card and click or tap the "place order" button on checkout, they may have to complete an extra step to authenticate themselves with their card issuer or bank (eligibility is based on a set of rules and heuristics that help define the level of risk for each transaction.) Once authenticated successfully, these customers will complete their purchase by being redirected to the order confirmation page or screen. That is, assuming no payment issues occur, such as invalid card details or insufficient funds.

As expected, one of the main benefits of SCA is to protect the customer by making paying online more secure. As a result, we expect to see a significant decline in fraud levels and associated costs (e.g. fraudulent chargebacks) with a direct impact on the business bottom line as more and more banks adhere to SCA across different regions.

These benefits come at the "cost” of adding a bit more friction to customers trying to complete their purchases online. Although fraudulent customers are having a very hard time trying to overcome the bank's secure authentication, we also know that legitimate customers are struggling to understand and accomplish it. This is a new and disruptive experience for everyone who is already used to purchasing online.

The changes in the purchase completion experience are most likely correlated with an expected decrease in conversion as more fraudsters get blocked and legitimate customers take their time to get used to it.

Given that conversion rate is one of the (lagging) vanity metrics that most merchants spend hours trying to monitor and understand to assess the health of their business, it’s very important to make sure everyone understands that conversion should never be looked at in isolation. In this particular case, it’s important to find actionable (leading) metrics and ways to assess how the reduction in fraud counterbalances the expected conversion decrease. And if you play your cards right, the conversion impacts should only be temporary.

What was our hypothesis to help customers complete their purchase?

We anticipated that some customers would not be able to authenticate and purchase successfully due to:
  • lack of awareness and information about SCA (e.g. customer abandons the order before purchase because the experience is different than usual, they do not know how to complete it, and/or they do not trust it’s legitimate);
  • lack of the necessary means (e.g. even if they have installed the bank app, they did not configure it with a phone number for the SMS token process) or skill (e.g. poor bank authentication experience, steeper than expected learning curve) to perform the authentication task;
  • technical problems as banks, merchants, and payment providers are still maturing their processes;
We believe that the last two bullet points above, although not completely out of our control, are heavily influenced by how the Payments Industry and its complex ecosystem evolve and mature to give online customers a frictionless, bug-free, and secure payments experience.
We also believe the first point was more within our immediate range of control and had the lowest level of uncertainty, so we decided to tackle it in anticipation of the SCA requirements enforcement.

Based on the growing number of customers abandoning the new SCA payment flow after tapping the "place order" and before having their order confirmed, our main hypothesis was that proactively informing and "hand-holding” customers all the way through will help reassure, inform, and allow them to purchase successfully without making them feel insecure, surprised, or suspicious, as measured by an increase in conversion rate. The goal was to tap into our customers’ (mostly subconscious) feeling of security and trust to create a predictable and stress-free purchase experience throughout different touchpoints (e.g. email, push-notifications, checkout, etc).


Dr. Noriaki Kano published the Kano Model of product development and customer satisfaction. According to the Kano Model, features can be categorized in 1 of 5 categories. The first category includes "basic” features, which are always expected by customers to exist on products of a given line or type. Even if customers might not explicitly say it or regularly think about it. However, once customers notice that a "basic” feature is missing, they will become very dissatisfied.

I categorize "security” as a product feature under the group of "basic” features of any e-commerce service. This is especially true at the point of purchase, where customers expect it most and actually take it for granted without even consciously thinking about its presence. This means that security, and perception of security, must be embedded in an e-commerce environment. When a "basic” feature such as this is not there, or if it doesn't work as expected, most customers will quickly become dissatisfied and most likely won’t convert.

Without disclosing the multiple solutions we attempted to tackle this global hypothesis across all our channels, we ultimately helped our legitimate customers complete their purchase in fewer attempts, increasing conversion by reducing surprises, suspicion or concerns about security in this new payment flow. At the same time, we saw a significant reduction in fraud levels as fraudulent customers weren’t able to overcome the "positive friction” added by the new bank SCA step.

What will be the future of purchase?

I believe the benefits of more secure payment flows such as SCA will, in the short-term, outweigh its initial drawbacks for customers and merchants alike. I expect to see a rise in their adoption in the coming years as they start to prove their real worth and disrupt the e-commerce purchase experience across the globe.

This will be especially true for businesses that are trying to grow by helping customers complete their first purchase. This is because, in theory, new customers have a higher-risk profile due to the lack of data on them and will eventually be the most affected by the initial extra friction these flows might bring.

In a way, it’s as if the conversion funnel just became a little longer and complex for all fraudsters out there, as well as for some of our legitimate customers who are completing their purchase.

In addition, it’s worth mentioning that this hypothesis does not apply solely to SCA, but also to scenarios in which a customer decides to pay via an external payment method (e.g. PayPal, Klarna, etc). A smooth and reassuring transition between the e-commerce site or app and the external payment provider flow is essential to providing a perceptively secure environment.

If we assume that these are customers that have already shown a very high-commitment to complete their purchase by clicking or tapping the "place order" button, it’s really risky for businesses to turn a blind eye to all the money being left on the table.

In addition, as the share of this external payment provider flows increases, merchants can afford less and less to ignore the need for increased security in their complex checkout journeys. Online businesses need to be strategic and invest in learning more about our customers’ needs, behaviour, and experience in these new and disruptive scenarios. This is about "skating to where the puck will be and not where it is now”.

Businesses that are able to adapt smoothly to these circumstances while helping customers complete their purchase will have an undeniable competitive advantage.
Related Articles