Is Your Business SCA Compliant? Tackling Fraud for Contactless and Online Payments

In response to the sharp increase in contactless and online payments during the pandemic and resulting concerns surrounding fraud, there are new rules that businesses need to be prepared for.

As part of 2018’s EU Payments Services Directive (PSD2), Strong Customer Authentication (SCA) comes into place for UK businesses in September 2021. It is already enforced in the European Economic Area (EEA), but the UK deadline has been extended due to the impact of Covid-19 on merchants.

From Wednesday 15 September 2021, every online payment will need to use multi-factor authentication to meet new security standards and your customers may need to provide two forms of identification to their bank when completing online payments.

Authentication will be completed by providing two out of three of the following:

  • Something you know (like a PIN)
  • Something you have (card or phone)
  • Something you are (like a fingerprint)

Please contact your bank or the company that provides your checkout services to ensure you will meet the new requirements by this date.

Many in-person transactions will also need to meet SCA standards. As customers may be asked to enter their PIN when making contactless payments, businesses should check with their banks to update their payment terminals if needed.

For more information, Visa have produced the following guides:

Detailed Guidance:

Checklist: Getting Ready for SCA:

Infographic on Out of Scope and Exempt Transactions:

Categories: COVID-19, News, Updates