A background to PSD2
PSD2 is the 2nd EU Payments Service Directive.
The directive builds on three key areas of legislation first brought in with the original 2007 Directive. These areas include increased consumer rights in payments, creating a level playing field by bringing into scope the regulation of third-party access to account information and enhanced security.
Enhanced security refers specifically to a set of requirements called Strong Customer Authentication (SCA). These requirements have far-reaching implications for any business with an online presence.
This guide will explore SCA, who and what it affects and how businesses can prepare for the requirements to take effect.
What is Strong Customer Authentication (SCA)?
Strong Customer Authentication is a set of upcoming regulatory requirements, designed to make paying online more secure and, consequently, reduce payment fraud.
SCA adds an extra layer of security when end-customers make a payment online. Until now, shoppers have been able to simply enter their payment details and complete their purchase (although some businesses voluntarily choose to ask for further authentication).
SCA is a form of 2-factor authentication designed to prove that end-customers are who they say they are, with specific rules around what constitutes ‘authentication’.
It requires two forms of validation out of three available categories.‹ View table of contents Next page ›