Strong Customer Authentication: is your website ready for the new online payment rules?
7th March 2022
The Strong Customer Authentication (SCA) anti-fraud regulations will come into force on 14th March 2022, so how will this affect your online customers?
Put simply, the rules will mean UK shoppers can expect more identity checks and declined payments when purchasing goods online. The package of measures was meant to land on the counter of retailers a year ago, however the Financial Conduct Authority (FCA) delayed delivery to allow businesses more time to adapt.
The legislation actually originated from the European Banking Authority and was adopted into UK law before Brexit.
What is Strong Customer Authentication?
The basic idea is that retailers will need to verify the identity of the customer before accepting their online debit/credit card payment. For shoppers, it will be a similar process to logging on to their online banking account.
Low-value purchases (under £25) will not be affected as checks will continue to be done in the background, while shoppers buying expensive goods will need to supply a password, PIN or one-time-passcode sent to their phones. Checks will not apply when buying products or takeaway food over the phone.
Who will be affected?
Mastercard is expecting around a quarter of online transactions to require an extra level of verification, compared to just 1% before SCA was introduced. Like all rules, there are exemptions meaning not all high-value purchases will require a check. It is thought that making several small payments could also trigger a verification.
There is anecdotal evidence that card issuers had already started to tighten up on online payments before the official introduction of SCA.
It is also expected that checks will be made when setting up or changing a recurring payment, such as a TV subscription.
Why is Strong Customer Authentication being introduced?
According to UK Finance, which represents the banking sector, fraudsters stole more than £750 million in the first half of 2021. The finance industry is constantly having to update its procedures in order to stay one step ahead of cyber criminals, while providing the public with peace of mind.
What can customers do?
Many banks and building societies are urging their customers to download banking apps so that they can receive verification codes on their mobile phones. You should also check that your bank has your current personal details, including mobile number, email address and landline.
Customers will need to become familiar with the verification process for their bank, such as via text, a phone call, mobile app or card reader. Be aware of any unusual requests or procedures, such as a caller asking for a PIN or full password (which they should never do).
Want to know more?
Here at it’seeze, we have made the necessary preparations for the new Strong Customer Authentication rules. All our merchant card partners are now compliant with the law, while all our eCommerce websites conform to the new regulations. This attention to detail is just one part of our routine customer support.
Share this post: