FCA agrees to phased rollout of Strong Customer Authentication rules

Decision slammed for creating unnecessary confusion among consumers

Tablet payment

The Financial Conduct Authority has agreed to delay the implementation of the EU's upcoming Strong Customer Authentication directive after it assessed that most businesses would not be prepared for the new electronic payment rules by a 14 September 2019 deadline.

SCA, a law forming part of the EU's Second Payment Services Directive (PSD2), will require all businesses offering online payment services within the European Economic Area to enforce multifactor authentication on electronic transfers.

The changes are designed to enhance the security of payments and help reduce fraud, however, according to the FCA, the complexity of the changes is likely to create significant disruption for consumers if implemented using a hard deadline.

"The FCA has been working with the industry to put in place stronger means of ensuring that anyone seeking to make payments is not a fraudster," said Jonathan Davidson, executive director for supervision, retail and authorisations at the FCA. "While these measures will reduce fraud, we want to make sure that they won't cause material disruption to consumers themselves; so we have agreed a phased plan for their timely introduction".

Advertisement
Advertisement - Article continues below

Under the changes, the e-commerce industry of card issuers, payments firms, and online retailers will have 18 months to implement a second authentication factor for customer-initiated payments, which could include asking customers for a PIN number or biometric data in order to verify the transaction.

No regulatory action will be taken against companies which do not meet the PSD2 requirements on the 14 September, provided that necessary steps have been taken to be completely compliant at the end of the 18-month window.

However, while the change is designed to make it easier to implement the directive, some have criticised the delay for adding needless confusion to the industry.

"It is disappointing to see such resistance from the financial services sector towards integrating Strong Customer Authentication into its services," said Jason Tooley, chief revenue officer at Veridium. "Financial institutions and payment service providers have had nearly two years to prepare since the initial announcement, and there is no valid excuse for the delay in its enforcement apart from an unwillingness to participate."

"The impact on consumers must not be overlooked by the lengthy delay in enforcement; Strong Customer Authentication will mean consumers are more confident when buying online -- not act as a deterrent to sales as some have incorrectly suggested."

The FCA has said it will continue to monitor how banks and payment services are working towards meeting the new standards, as well as ensuring that alternative forms of multifactor authentication are made available to customers.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354252/huawei-takes-the-us-trade-sanctions-into-its-own-hands
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019