Strong Customer Authentication (SCA) is here to make online payments more secure, and it’s not optional.
From the 14 September 2019 a new European requirement (SCA) will come into force as part of the second Payment Services Directive (PSD2) and we’ve been busy implementing the correct technologies required to meet compliance standards.
What is SCA?
Strong Customer Authentication (SCA) is a new requirement designed to make payments online more secure. This means that extra levels of authentication will now be required at the time of the transaction for European online shoppers.
Until now payments were collected with the customer’s card details and a billing address (even then banks often don’t check the address) and we’ve made extensive use of the optional 3D Secure v1 to add an extra step in authenticating the customer before purchase. Because of customers’ banks limited ability to prevent fraud we’ve also invested in building our own fraud analysis and prevention to complement our payment providers.
However, from the 14th of September, banks will legally require more information before allowing an online payment to go through and will decline payments that require SCA and/or don’t meet the criteria.
So what will banks need now?
Moving forwards all online transactions will need to be authenticated by at least two of the three following methods:
- Something only the customer knows (e.g. password or PIN).
- Something only the customer possesses, such a mobile phone.
- Something the customer is, (e.g. fingerprint recognition).
If you sell gift vouchers on-site via PDQ it’s worth noting that contactless payments will also fall under the scrutiny of the new SCA regulations.
How does SCA affect you?
All orders that you process via Giftpro are now compliant with SCA so your gift voucher platform is more secure than ever before.
In theory, this should reduce fraud even further and place more of the liability with the bank.