Businesses Get Extra Time To Meet New Payment Processing Rules

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

June 12, 2020

The Financial Conduct Authority (FCA) has given UK businesses an extra 6 months to reach compliance with the new Strong Customer Authentication (SCA) rules for payment processing.

What Are The SCA Rules?

The SCA rules, introduced in 2019, are intended to the improve security of payments and limit fraud by making sure that whoever requests access to a person’s account or tries to make a payment, is the account holder or someone to whom the account holder has given consent.

These new rules, which come from the EU Payments Services Directive (PSD2), which came into effect in January 2018, mean that online payments of more than €50 will need two methods of authentication from the person making the payment e.g. password, fingerprint (biometric) or a phone number. This also means that online customers will not be able to check out using just a credit or debit card but will also need an additional form of identification.

Card Present

For normal ‘card present’ situations (not online) contactless will still be OK for ‘low value’ transactions of less than €50 at point-of-sale and Chip and PIN will still be suitable for values above €50.

Recurring Payments Exempt

Where a recurring payment of the same value is being made from a card to the same merchant e.g. subscriptions and memberships, the initial set up will require authentication, but subsequent transactions will be exempt.

Put Back

The first deadline for the implementation of the SCA rules was 14th September 2019 but this was put back by 18 months.

While the deadline for the implementation of SCA is still 31st December 2020 in the rest of the European Economic Area (EEA), in the UK, the FCA has now announced that, in order to help merchants who have been severely affected by the Covid-19 crisis the enforcement of SCA has now been delayed until 14th September 2021.

What Does This Mean For Your Business?

Most businesses would agree that high levels of online fraud are bad for everyone and just reduce consumer confidence, so if the introduction of new improved payment security measures can reduce fraud this will be helpful.  The COVID-19 crisis has, however, hit businesses very hard and for many, it’s been a case of simply trying to keep the business going, let alone worry about how they can comply with new payment rules in time.  This latest extension is, therefore, good news and should lessen the burden on merchants as the lockdown is lifted and the country tries to find the new normal in a post-COVID business environment.

You May Also Like…

0 Comments

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.