Follow Us

Follow us on Twitter  Follow us on LinkedIn

13 September 2019

European Commission: Strong customer authentication requirement of PSD2 comes into force

As from 14 September 2019 the strong customer authentication (SCA) requirement of the revised Directive on payment services (PSD2) comes into force. The SCA requirement makes it easier and safer for consumers to pay for goods and services online and helps fight fraud.

New EU rules will make it easier and safer for consumers to pay for goods and services online and to manage their personal finances. European consumers will also get better protection against online fraud, and better access to more innovative forms of online and mobile payments.

Over time, the new rules will give consumers more choice since new and innovative operators will enter the payment market. With this entry into application, all elements of the revised Payment Services Directive (PSD2) are now in place.

Some stakeholders are still working to put these technological and practical changes in place, in line with the gradual approach suggested by the European Banking Authority in its opinion of 21 June 2019. The European Commission therefore calls on all EU Member States to ensure speedy and full implementation of all the rules.

Once the new framework is fully operational everywhere, EU consumers should be able to benefit from a safer and easier online payment environment in two key ways:

  • First, electronic payments will be even more secure thanks to the introduction of “strong customer authentication” (SCA) which will improve our means of tackling online payments fraud. SCA ensures proper identification or authentication for all payments over €30 and will now take place via an authentication process based on two specific factors supplied by the user, e.g. a password, PIN code, a mobile phone or a fingerprint. Customers will receive practical advice from their banks or payment providers on the new system.
  • Second, the new rules will facilitate the entry of new operators in the EU payment services market by applying equally to both traditional and new, innovative companies that offer regulated payment services. Consumers will be able to make payments and manage their personal finances more efficiently thanks to a wider offering of applications.

Companies offering these services, or ‘FinTechs', are now brought fully under the scope of EU rules. To enable these players to offer a full range of consumer services, banks must establish new and highly-secure communication channels to share data and authorise payments.

At the same time, ‘FinTechs' need to comply with the same level of stringent data protection standards. This modernisation of Europe's payment services will also further strengthen the Digital Single Market. The revised Payment Services Directive (PSD2, Directive 2015/2366/EU) applies since January 2018 and enables the emergence of innovative payment services, including internet and mobile payments, while at the same time ensuring a more secure environment for consumers.

Full information on European Commission

© European Commission

< Next Previous >
 Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information

Add new comment