SCA experimentation grows ahead of deadline

Market participants are still struggling with aspects of strong customer authentication (SCA) ahead of the December 31 deadline, according to payment service providers (PSPs). “At the beginning it was very misunderstood from the perspective that it [was thought to be] the same as two-factor authentication, or something just about securing how customers authorise their transactions. …

by | August 11, 2020 | bobsguide

Market participants are still struggling with aspects of strong customer authentication (SCA) ahead of the December 31 deadline, according to payment service providers (PSPs).

“At the beginning it was very misunderstood from the perspective that it [was thought to be] the same as two-factor authentication, or something just about securing how customers authorise their transactions. It’s more than that. It’s also about making [the transaction] more transparent, which is about how the information is presented to the customer … And that second piece is actually a struggle for everybody,” says Marius Galdikas, chief technology officer, ConnectPay.

Incumbent banks struggle with legacy systems that are unable to support multi-factor authentication, whereas fintechs are often unable to confirm multiple payments at once, he says.

“How do you present that information when there’s a single confirmation for 100 payments? That’s creativity. It’s sort of up in the air and out there. Nobody’s really doing it yet and everybody will have to be in line with this regulation, but everyone is afraid because there’s no one to look at – nobody’s done it yet,” he says.

Despite market participants still working on their SCA processes, Galdikas does not believe the deadline should have been pushed. In April, the UK’s Financial Conduct Authority (FCA) delayed the SCA date until September 2021 due to the pandemic. The European Banking Authority (EBA) has not issued a delay.

Ralf Gladis, chief executive at Computop, a PSP, disagrees with the EBA’s decision to stand by the December deadline.

“In the UK, where the deadline has been extended to September 2021, merchants will have a lot more time to get their SCA implementation processes in order. However if they sell to customers in Europe, then like all EU retailers they will need to work towards an end-of-year deadline, and we believe that this is not enough time,” he said in an email.

“Online retailers have already committed huge trading expenditure so they could survive lockdown and it would be better for them if they could at least get back on their feet before having to invest considerable time in meeting SCA requirements.”

According to Gladis, instances of non-compliance will emerge in the EU come January, causing a negative long term impact on the industry.

“It’s not just merchants in the spotlight either because it’s obvious that banks and acquirers are also a long way from fulfilling their obligations to SCA. We would like to see an extension that acknowledges the difficulties in the market, but still gives all parties a target to work towards,” he said.

Galdikas says the pandemic has accelerated PSPs’ security solutions. In May, ConnectPay launched a mobile authenticator app which covers multi-factor authentication and one tap approvals for payments. He believes companies have had to increase their creativity to find new solutions fast.

“It’s an issue of priorities. Maybe before [coronavirus] SCA was not a priority as much – now it is a priority. Online presence is a must,” he says.

“[SCA] not a specific technical solution; there are many ways to do it. None of them are 100 percent as per regulation, but this is definitely a top priority.”

 

Categories:

Resources

Revenue Management: How Banks Can Create Streamlined Processes and Provide Value

Other | Banking Revenue Management: How Banks Can Create Streamlined Processes and Provide Value

SunTec Business Solutions

Revenue Management: How Banks Can Create Streamlined Processes and Provide Value

Revenue management is a crucial process for banks. From customer onboarding to deal evaluation and designing new deals, there are… Continue Reading

View resource
Digital Banking Engagement Hubs

White Paper | Banking Digital Banking Engagement Hubs

Infosys Limited

Digital Banking Engagement Hubs

In our 30-criterion evaluation of digital banking engagement hub providers, we identified the nine most significant ones — Backbase, CREALOGIX,… Continue Reading

View resource
CompatibL Cloud Q&A

Brochure / Fact Sheet | Banking CompatibL Cloud Q&A

CompatibL Technologies LLC

CompatibL Cloud Q&A

Alexander Sokol, CompatibL’s Executive Chairman and Head of Quant Research, took part in a Q&A session on cloud computing in… Continue Reading

View resource
The FBI Got Hacked | The Cyber Show, Ep 10 by ThreatAdvice

Video | Banking The FBI Got Hacked | The Cyber Show, Ep 10 by ThreatAdvice

NXTsoft

The FBI Got Hacked | The Cyber Show, Ep 10 by ThreatAdvice

Anyone can fall victim to cyberattacks, and the FBI is no exception. Earlier this month, their email servers were hacked… Continue Reading

View resource