In an attempt to reduce the risk of fraud for consumers, new European regulations are being implemented that are intended to improve payment security online. This will include security checks by banks and retailers for online shopping and logging into accounts.
The risk of online fraud is a massive concern for many consumers, especially within the financial sector, which has a longstanding problem with scams. According to research, in the first half of 2018, UK consumers had an estimated £503.4 million stolen.
Therefore, going forward, all payment providers in the European Union will be legally required to make additional checks before you make a purchase. They will need to make sure that it’s you making the purchase using “strong customer authentication” (SCA).
This means that, rather than only asking for your name and card detailers, retailers and banks will need to make extra checks to confirm your identity, like a one-time passcode sent to your mobile via SMS.
The regulations say that banks must identify every customer using at least two independent factors. This could be something only known by you, like a pin or password; something only you are in possession of, like a card reader or registered device; or something unique to you, like voice recognition or a digital fingerprint.
In cases where it’s not possible to identify the customer, payments will be declined. The only exceptions to this will be in low-risk payments: payments that are of low-value – under €30, recurring payments, or retailers that consumers add to their “whitelist”.
So, if you take out a subscription, you will only be asked to prove your identity once, at the beginning, and then you will be able to make payments without checks. And if you’re making lots of purchases with one retailer, you will only have to authenticate your details once, too.
Many banks already ask for security codes, pins, or the use of a card reader to access online banking accounts. These are already compliant with the SCA, but banks not following these precautions will need to introduce them by March 2021, in line with the regulations.