Strong Customer Authentication Deadline Looms
After a number of delays, Strong Customer Authentication is now coming into force on 14th March 2022.
Previously expected to become a legal requirement on 14th September 2021, the most recent delay has been in response to concerns about readiness in the industry due to the coronavirus pandemic.
For the consumer, Strong Customer Authentication, also known as 3D Secure v2 or PSD2, means that shopping online will now incur additional security checks, such as receiving a SMS message with a security code or using a SmartPhone App to verify your identity.
For merchants accepting online card payments, you need to ensure that you are ready to process SCA-enabled payments.
In the case of Opayo (formerly SagePay), this includes:
- Making sure that your merchant account is configured to use 3D Secure; Opayo will automatically enable 3D Secure v2 on accounts with already 3D Secure enabled but it is vital that you enable 3D Secure in the first place.
- Ensure that, if you are using custom checkout templates that they have been updated to the latest version.
The requirements have been publicised for quite some time (see links below to previous news articles for further information) but the repeated delays in implementation have meant that these changes have stopped getting the media attention that they initially did.
- Opayo (SagePay) and 3D Secure... Action Required! 18/01/2021
- Opayo (SagePay) and Strong Customer Authentication 02/12/2020
- UPDATE Strong Customer Authentication 30/09/2019
- Strong Customer Authentication for Online Card Payments 03/05/2019