Data Protection is and will always be a question of risk management. However, due to increasing fines by applying the General Data Protection Regulation (GDPR), the necessity to manage the companies’ risks adequately reached a new level. In this context, possible fines of 20 Mio. Euro or four percent of the companies’ total worldwide income are mentioned frequently. The risk additionally increases in the context of (sensitive) customer data.
In reality, the risk of processing customer data seems to be much lower than the actual cap of the GDPR. Fines do not even get close to the cap and the issue of warnings is more likely to be the standard tool of the supervisory authorities. So, how high is the risk?
Analyzing this question is an important and critical task for every company. This analysis not only includes the customer data’s need for protection and whether a data breach is likely but also the frequent assessment of the supervisory authorities and their behavior.
Europe is tackling the biggest issues of the modern age and the rest of the world watches and follows. Case in point, the EU GDPR set a global standard for data privacy and the revised EU Payment Services Directive (PSD2) aims at doing the same for e-commerce. With PSD2, companies providing payment services in Europe, not just those headquartered there, must comply with the directive's requirements for strong customer authentication (SCA) or risk losing their payment provider license. iovation, a TransUnion company, recently analyzed the impact of PSD2 based on interviews with banks, PSPs and merchant executives. Hear key findings including how unprepared companies are for PSD2, the impact on companies outside the EU, and what steps can be taken to meet requirements without driving up customer attrition.
|
Key takeaways: |
|
- How do companies ensure cart abandonment does not increase with the new SCA requirements under PSD2 |
