Login to your statistics area.
Not registered yet?
With the revised Payment Services Directive (PSD2), which has come into force since 13 January 2018, the European Union has fundamentally changed the payment landscape and PSD2 determines how payments within the European Economic Area will be processed in the future. Above all, banks and financial institutions face major challenges in the implementation of the requirements, especially as they – among others – are obliged to provide third-party payment service providers with access to their banking systems. But even online merchants must comply with the new requirements.
Aimed to better protect online buyers, the PSD2 demands more security in online purchases and introduces strong customer authentication (SCA) - also known as two-factor authentication.
As of 14/09/2019 , an online transaction, must be verified requesting two of the following three characteristics: possession (e.g. map, mobile), knowledge (eg. PIN) or personal or physical characteristics (""inherent"", e.g. fingerprint, face recognition). Concretely, a physical item such as a smartphone can be combined with a one-time password or fingerprint before the online payment can be made.
The use of strong customer authentication for all online transactions will be mandatory (with a few exceptions) as of 14/09/2019 , as new regulatory technical standards of the European Banking Authority will enter into force at that time .
The authentication of a transaction must contain two or more of the following criteria:
Strong customer authentication is always required if
In addition, the following criteria must be met:
In future, nothing other than a fingerprint that is queried via the customer's mobile device will be required to authenticate and release transactions. Instead of relying on the traditional password (""something you know""), your customers can now combine ""something you own"" (e.g. a smartwatch) with ""something you are personal"" (e.g. a fingerprint).
Pursuant to Art. 97 PSD2, PSPs must implement strong customer authentication requirements.
From the PSD2 follows that the requirements for strong customer authentication apply ""only"" to the payment service providers defined in the PSD2. As a merchant and website operator, you are therefore not required to comply directly with the directive.
For subscriptions or recurring transactions with a fixed amount, only the first transaction that triggers the subscription must be released with strong customer authentication, and subsequent transactions can be executed without strong customer authentication. If the amount changes, a new strong customer authentication for each new amount is requirred.
We see a challenge in recurring transactions with changing amounts. However, regulators have confirmed that ""merchant-initiated transactions"" are outside the scope of strong customer authentication requirements under PSD2, so most subscription payments are not affected by strong customer authentication.
Appropriate exceptions may be requested for certain transactions. Such exemptions are designed to ensure that customers can enjoy a simple shopping experience with added security. Among other things, there are the following exceptions to the obligation to perform strong customer authentication:
The introduction of the new procedures require highly acceptance from consumers and merchants. To ensure that the payment process in your online shop is not overly influenced by the new authentication methods, Micropayment is currently working together with the cooperation partners on solutions to enable convenient payment processes that meet the requirements of the PSD2 guideline.
The ultimate goal is to make all transactions as secure as possible and to implement all legal requirements in a timely manner. Micropayment payment window transactions will meet strong customer authentication requirements as of September 14, 2019 . The factor of inherence plays an important role, as it transmits behavior-based information to a transaction.
While the new requirements will undoubtedly bring challenges for businesses and banks, Micropayment solutions will mitigate the impact on your online store.
If you use the Micropayment payment windows , you are well prepared for the PSD2 and strong customer authentication requirements. While the new requirements will undoubtedly bring challenges for businesses and banks, Micropayment solutions will mitigate the impact on your online store.