What's the impact of Apple's announcement about PSD2 regulation to it's online services, including In-App Subscriptions and Purchases?
Apple just announced deploying PSD2 regulation conformance to its online services Apple Pay, iTunes Store and the App Store including In-App Subscriptions and Purchases.
These changes will be effective starting December 31, 2020, only 4 days after App Store Connect unfreezes 😱 .
What is PSD2?
PSD2 stands for Payment Service Directive revision 2. This is an EU directive that regulates the payment services in Europe. Its goal is to make online payments safer, more secure to protect consumers and merchants against fraud.
One of the most visible impact and requirement of PSD2 regulation is the display of a Strong Customer Authentification (SCA) method provided by the bank which can be:
- Something the customer knows (password)
- Something the customer has (phone, RSA securId)
- Something the customer is (face recognition, fingerprint)
Purchasely does all the heavy lifting with no coding needed so your whole team can enjoy increasing app subscription revenues, effortlessly.
When does it apply?
This process starts when:
- You make a purchase above €30
- When you first subscribe to an auto-renewable subscription
This process will be deployed in 31 countries and regions: Austria, Belgium, Bulgaria, Croatia, Czech Republic, Cyprus, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and United Kingdom.
SCA breaks the standard In-App flow and the purchase is validated outside of your app. The detailed flow is the following:
- The user starts a purchase inside the app, the purchase falls into a “failed” state (despite the fact that Apple documented “deferred” state)
- The bank’s website or app opens
- The user enter whatever the bank needs (passphrase, code, token, …)
- The user is then redirected to the App Store where a confirmation message will be presented
- The user can return to the app and a new receipt is immediately presented with a “purchased” state.
What are the impacts?
The first impact is on conversion. Adding a step to payment process requiring to enter an information is never a good thing for conversion. As this is a mandatory regulation we won’t talk more about it.
Regarding implementation, apps that already support Ask to Buy (purchases under parental control) are ready for PSD2 changes otherwise they might be losing transactions. Apps that support Promoted In-App Purchase might also be ready.
If your are not supporting this and you are selling subscriptions or non-consumables, your users can still restore their purchases but consumables might be lost for good.
The good news is that if you use Purchasely you already are supporting PSD2. Easy right?
If you are using Purchasely, everything is fine but you might want to check some things.
How to implement PSD2 support (and Ask to Buy)?
Follow theses steps to support both Ask to Buy and PSD2.
1- Start listening to the payment queue when the app launches
When a payment is passed to a PSD2 validation, this process is external to the app and can occur while your app is not even running. What Apple does is that it presents the receipt right when you switch back to the app no matter which state the app was in.
So get ready to receive transactions at any time. To do so, start listening to the payment queue by calling
didFinishLaunchingWithOptions of your
AppDelegate is called.
2- Process the payments
When you come back to the app after validating a purchase, StoreKit will provide a new transaction to the observer initialized in the AppDelegate.
You will receive that transaction with a
purchased state in the following method:
func paymentQueue(_ queue: SKPaymentQueue, updatedTransactions transactions: [SKPaymentTransaction])
Be aware that You will also be receiving renewal receipts in this .
3- Inform your users
Apple was supposed to send a deferred state when PSD2 validation is triggered. This would have allowed you to inform the customer about what just happened so that he doesn’t get frustrated.
But as the state is finally “failed” there is no precise way to know what truly happened.
As long as PSD2 is not deployed, you will have to simulate it using on ask-to-buy which relies on the same external validation mecanism.
You can simulate this behavior by enabling Ask to Buy and check that your observer receives the purchased transaction.