Businesses Get Extra Time To Meet New Payment Processing Rules
The Financial Conduct Authority (FCA) has given UK businesses an extra 6 months to reach compliance with the new Strong Customer Authentication (SCA) rules for payment processing.
What Are The SCA Rules?
The SCA rules, introduced in 2019, are intended to the improve security of payments and limit fraud by making sure that whoever requests access to a person’s account or tries to make a payment, is the account holder or someone to whom the account holder has given consent.
These new rules, which come from the EU Payments Services Directive (PSD2), which came into effect in January 2018, mean that online payments of more than €50 will need two methods of authentication from the person making the payment e.g. password, fingerprint (biometric) or a phone number. This also means that online customers will not be able to check out using just a credit or debit card but will also need an additional form of identification.
For normal ‘card present’ situations (not online) contactless will still be OK for ‘low value’ transactions of less than €50 at point-of-sale and Chip and PIN will still be suitable for values above €50.
Recurring Payments Exempt
Where a recurring payment of the same value is being made from a card to the same merchant e.g. subscriptions and memberships, the initial set up will require authentication, but subsequent transactions will be exempt.
The first deadline for the implementation of the SCA rules was 14th September 2019 but this was put back by 18 months.
While the deadline for the implementation of SCA is still 31st December 2020 in the rest of the European Economic Area (EEA), in the UK, the FCA has now announced that, in order to help merchants who have been severely affected by the Covid-19 crisis the enforcement of SCA has now been delayed until 14th September 2021.
What Does This Mean For Your Business?
Most businesses would agree that high levels of online fraud are bad for everyone and just reduce consumer confidence, so if the introduction of new improved payment security measures can reduce fraud this will be helpful. The COVID-19 crisis has, however, hit businesses very hard and for many, it’s been a case of simply trying to keep the business going, let alone worry about how they can comply with new payment rules in time. This latest extension is, therefore, good news and should lessen the burden on merchants as the lockdown is lifted and the country tries to find the new normal in a post-COVID business environment.