SCA experimentation grows ahead of deadline

Market participants are still struggling with aspects of strong customer authentication (SCA) ahead of the December 31 deadline, according to payment service providers (PSPs). “At the beginning it was very misunderstood from the perspective that it [was thought to be] the same as two-factor authentication, or something just about securing how customers authorise their transactions. …

by | August 11, 2020 | bobsguide

Market participants are still struggling with aspects of strong customer authentication (SCA) ahead of the December 31 deadline, according to payment service providers (PSPs).

“At the beginning it was very misunderstood from the perspective that it [was thought to be] the same as two-factor authentication, or something just about securing how customers authorise their transactions. It’s more than that. It’s also about making [the transaction] more transparent, which is about how the information is presented to the customer … And that second piece is actually a struggle for everybody,” says Marius Galdikas, chief technology officer, ConnectPay.

Incumbent banks struggle with legacy systems that are unable to support multi-factor authentication, whereas fintechs are often unable to confirm multiple payments at once, he says.

“How do you present that information when there’s a single confirmation for 100 payments? That’s creativity. It’s sort of up in the air and out there. Nobody’s really doing it yet and everybody will have to be in line with this regulation, but everyone is afraid because there’s no one to look at – nobody’s done it yet,” he says.

Despite market participants still working on their SCA processes, Galdikas does not believe the deadline should have been pushed. In April, the UK’s Financial Conduct Authority (FCA) delayed the SCA date until September 2021 due to the pandemic. The European Banking Authority (EBA) has not issued a delay.

Ralf Gladis, chief executive at Computop, a PSP, disagrees with the EBA’s decision to stand by the December deadline.

“In the UK, where the deadline has been extended to September 2021, merchants will have a lot more time to get their SCA implementation processes in order. However if they sell to customers in Europe, then like all EU retailers they will need to work towards an end-of-year deadline, and we believe that this is not enough time,” he said in an email.

“Online retailers have already committed huge trading expenditure so they could survive lockdown and it would be better for them if they could at least get back on their feet before having to invest considerable time in meeting SCA requirements.”

According to Gladis, instances of non-compliance will emerge in the EU come January, causing a negative long term impact on the industry.

“It’s not just merchants in the spotlight either because it’s obvious that banks and acquirers are also a long way from fulfilling their obligations to SCA. We would like to see an extension that acknowledges the difficulties in the market, but still gives all parties a target to work towards,” he said.

Galdikas says the pandemic has accelerated PSPs’ security solutions. In May, ConnectPay launched a mobile authenticator app which covers multi-factor authentication and one tap approvals for payments. He believes companies have had to increase their creativity to find new solutions fast.

“It’s an issue of priorities. Maybe before [coronavirus] SCA was not a priority as much – now it is a priority. Online presence is a must,” he says.

“[SCA] not a specific technical solution; there are many ways to do it. None of them are 100 percent as per regulation, but this is definitely a top priority.”

 

Categories:

Resources

IBS Intelligence Managing Editor Robin Amlot speaks to Mohammed Kateeb

Best Practice | Banking IBS Intelligence Managing Editor Robin Amlot speaks to Mohammed Kateeb

Path Solutions

IBS Intelligence Managing Editor Robin Amlot speaks to Mohammed Kateeb

One year after the start of the novel Coronavirus pandemic worldwide, Robin Amlôt asked Mohammed Kateeb, the Group Chairman &… Continue Reading

View resource
Time to Be Clear on Uncleared Margin Rules (UMR)

Best Practice | Risk management Time to Be Clear on Uncleared Margin Rules (UMR)

Eurobase International Group

Time to Be Clear on Uncleared Margin Rules (UMR)

Following regulatory forbearance due to Covid and the resultant extensions to the implementation dates, it is time to review arrangements… Continue Reading

View resource
Intix helps banks mitigate new transparency risks in cross-border payments

Best Practice | Payments Intix helps banks mitigate new transparency risks in cross-border payments

INTIX

Intix helps banks mitigate new transparency risks in cross-border payments

Transparency in payment processing introduces new risks – Are you protecting your reputation?… Continue Reading

View resource

New GFT podcast on AI

In the latest episode of our new podcast series on AI entitled ‘Artificial Intelligence, Intelligently Applied’, our host Simon Thompson… Continue Reading

View resource