On September 14, 2019, the new regulations on online payments will enter into force , known as reinforced customer authentication . The SCA (Strong Customer Authentication) will involve a change in online transactions for companies in Europe, and is expected to have a strong incidence in the European economy.
SCA will involve an additional level of authentication for online payments. That is, it is a new regulation at the time of verification of electronic payments.
The new regulations enter the next September 14 , and will affect companies that offer online access to payment accounts in Europe or make electronic payments when the payer is the one who starts the process . In Verum Management we offer you the keys to the new SCA regulations:.
The SCA is part of the Second Directive of Payment Services (PSD2)
In 2009 began the psd (Payment Service Providers) regulations, also known as “regulations on payment service providers.” Through this new regulation, what is known as the Single Payment Market in Europe began, with the aim of providing greater security in operations.
Subsequently, the psd2 regulations were approved in 2016, which meant a update of the first. However, until January 2018, its implementation was delayed, due to existing legal and technical problems.
In this sense, the technical specifications to implement this regulation (known with the acronym RTS) were approved in the month of March 2018, and the maximum period to adapt them ends in September this year .
extra authentication level
The main objective of the PSD2 is to reduce the fraud generated by the payer, especially related to the illegitimate impersonation following the theft of credentials of the users.
It also guarantees a higher level of security, since it requests two authentication factors in electronic payments. The new SCA regulations forces to use at least two of the three extra levels of authentication:
- Possession: something that the user possesses, such as a code or a smartphone.
- Knowledge: something that the user knows, as a password.
- Inherent: something inherent to the user, as a biometric element (fingerprint).
60% of SMEs will not comply with the norm in the term
According to a company Stripe, the Global Payment Infrastructure Company, it is estimated that three out of five European SMEs with less than 100 workers “will not comply with the standard in the deadline.” On the contrary, the large companies of more than 5,000 employees will be fully complied with.
And your company is prepared?