On 14th September 2019, new requirements for authenticating online payments were introduced in Europe as part of the second Payment Services Directive (PSD2).
Under PSD2, Strong Customer Authentication (SCA) is a European requirement. Payment providers must use two separate authentication elements from the below to verify an online transaction:
- something the customer knows (e.g., password or PIN)
- something the customer has (e.g., phone or hardware token or OTP)
- something the customer is (e.g., fingerprint or face recognition).
Our online checkouts, e-commerce plugins and payment tools are fully PSD2-compliant with 3DS being handled by our third-party partner, Modirum, and the card issuers.
We have added SCA as a requirement to all Viva Wallet POS terminals. A customer PIN is requested every time transactions add up to a total of £150, or five transactions have been made, whichever comes first. There is nothing to be done on the merchant’s side as all our POS devices have been upgraded automatically.