How-To

How To Be Compliant For Strong Customer Authentication (PSD2/SCA) And Protect Your Users

The Strong Customer Authentication (SCA) requirement protects users from fraud during online payments and purchases. The regulation requires online platforms and banks to use at least two independent authentication factors to verify that the user is authorized to access an account or make payments.

SCA PSD2 Online Payment

The Strong Customer Authentication timeline

SCA came into force in Europe as part of the second Payment Services Directive (PSD2) on September 14, 2019. A final enforcement deadline was initiated for December 31, 2020. Countries have then responded with individual enforcement timelines taking into account preparation and implementation efforts.

In the United Kingdom, e-commerce and banking are two industries that have received extensions for enforcement to March 14, 2022. The reasons are due to circumstances such as COVID and lack of industry readiness. Nevertheless, enterprises continue to struggle to implement satisfactory solutions that meet all types of user groups without increasing user friction.

What does Strong Customer Authentication require

When making transactions or accessing online accounts, the user needs to provide two of the following factors:

manualEntry fingerprint mobile
SOMETHING THE USER KNOWS like a username SOMETHING THE USER IS like fingerprint or face recognition SOMETHING THE USER HAS like a mobile phone

When the criteria are not met, payments that require SCA will be declined by the banks. If the online platform does not provide a method for minimum two factor authentication for the user, then the user will not be able to make the online payment or purchase. Such cases lead to user frustration, cart abandonment, dropouts, and loss of revenue and sales.

Impact on security and user experience from enterprise perspective

Particularly enterprises in the e-commerce, payments, and banking space struggle to find the right authentication method to meet SCA requirements. The reason is that implementing the wrong one leads to user friction and dropouts during a purchase or onboarding process.

Further friction to the user experience is highlighted in the recent studies from the UK. In online retail and e-commerce spaces, only 44% of businesses are prepared for SCA implementation. Meanwhile, e-commerce platforms in the UK experienced 37% of shoppers switching retailers to complete purchases. Shoppers are also unlikely to continue with retailers where payments are rejected without an explanation.

How Futurae helps you instantly meet Strong Customer Authentication requirements

The new set of rules are set to change the fundamental structure of how users authenticate when making online payments and purchases. With the enforcement deadline already passed, certain industries and companies fail to successfully meet SCA requirements.

We are convinced that security should not compromise on user experience and meeting regulatory compliance should be effortless when it comes to authentication processes. Moreover, putting in place such a system and adjusting to ever changing requirements should be easy and uncomplicated. Here Futurae can help you with distinct customer needs. The diverse user experiences coupled with superior security can easily be fulfilled with Futurae’s Authentication Platform. Quick and easy implementation means that Futurae services can be integrated within a couple of days or weeks based on the customer specification. With just one Futurae solution you can ensure secure transaction confirmation with 3D Secure 2.0 and dynamic linking PSD2 compliance.

Learn more about Futurae’s SCA compliant products. If you have questions or feedback, please let us know.