Following the second Payment Services Directive (PSD2), we joined hands with our payments partner, Stripe, to bring in Strong Customer Authentication (SCA) – an extra layer of security for the card payments you make for your Cheqdin subscriptions. The new regulation came into force on the 14th of September – with all online businesses in the UK expected to be fully compliant by March 2021.
What is PSD2?
PSD2 is a new European Economic Area (EEA) regulation that requires a 2-factor authentication from the customer prior to processing a card payment over the internet. Customers will now have to authenticate online card payments using two of the three possible identification traits, which could be:
- Something only the customer possesses e.g.) A cell phone or token
- Something only the customer knows e.g.) A PIN or password
- Something the customer is e.g.) A fingerprint or other biometric element
This strong customer authentication – that goes beyond passwords – has mostly been in use so far to authorise high-risk transactions. With the roll-out of the PSD2 regulation, it will now be a ‘norm’ rather than an ‘exception’ for all businesses accepting card payments online.
Although this means a few extra hoops for the customers to jump at check-out, the additional security step is expected to bring down payment fraud and increase security for online transactions. It also provides the additional benefit of shifting liability to the card issuer (typically the banks) in case of fraudulent transactions.
What transactions will be affected by SCA?
The new regulation will impact most electronic transactions and card payments made over the internet. If your bank/card provider is located in the EEA and you are making a single electronic payment transaction with any businesses in the EEA, you will be expected to present a 2-factor authentication to authorise the transaction.
Will SCA affect Cheqdin’s Direct Debit?
No. SCA will not affect Cheqdin’s direct debit services. Cheqdin and our direct debit partner GoCardless are fully PSD2 compliant. Moreover, SCA does not apply to direct debit payments made through Cheqdin as we use paperless direct debit mandates which do not fall within the scope of SCA.
What are the other transactions that won’t be affected by SCA?
As a customer, you won’t be expected to present 2-factor authentication for the following:
- Low-value transactions (transactions below €30)
- Recurring Payments: A new SCA is not required for renewing subscriptions if the transaction amount remains the same for one due date to the next
- Contactless transactions
At Cheqdin, we take security and fraud prevention seriously, and our team is committed to providing the highest standards of security and data protection for our customers. If you have any questions regarding SCA or data protection, please feel free to get in touch with our support team.
You might also like:
Childcare Payment Collection: Myth Vs Fact >View Article
3 Processes You Shouldn’t Think Twice About Automating >View Article