SSCA implementation has been delayed until September 14th 2021 in the UK. A move made by the SCA - this move has not been mirrored by the European Commission who state that Merchants have had sufficient time to prepare for SCA; refusing to extend their deadline beyond December 31st 2020*
This paper outlines the details of the longawaited transition to and adoption of, PSD2’s new regulatory technical standards (RTS) regarding SCA.
To maximise visible security in electronic payments and prevent fraud online, the implementation of SCA and subsequently 3D Secure 2, are for the majority, necessary protocols.
These protocols were to be met by merchants within the EU and European Economic Area by September 14th, 2019. However, on August 13th following the recommendation of the EBA (European Banking Authority) the UK’s FCA – Financial Conduct Authority – agreed to an 18-month phased implementation of SCA elements.
Despite the deadline now being firmly set in law, SCA has become the subject of much ambiguity and discussion. Resulting in this later active enforcement date of March 2021, the roll out of information regarding the RTS has been defined as inconsistent.
Director General of the Emerging Payments Association; Tony Craddock, concludes that the information suggests that SCA compliant merchants are poised to be at a disadvantage without carefully navigating the complex minefield of information before them thus far. Andrew Cregan of the British Retail Consortium further said, “The technical solutions weren’t going to be ready on time, nor the guidance to go with them,” continuing that it was far too easy for authentication elements to increase abandoned sales if they were improperly aligned with customer contact information at the time of integration.
In an effort to clarify and inform merchants of this mandatory directive (otherwise known as RTS), this paper will overview the changes of PSD1 to PSD2, and the new addition of SCA. It will also cover the change of 3D Secure 1 to its second version; 3D Secure 2, and the necessary measures needed for merchants to become compliant in all the above.
The paper will also cover the changes to open banking, as well as provide an overview of the benefits and negative restrictions on customers and merchants within the EEA and out-of-scope areas. This discussion will cover the customer/merchant relationship within e-commerce, as well as outline any exemptions to this directive.