PSD2 compliance
On 14th September 2019, new requirements for authenticating online payments were introduced in Europe as part of the second Payment Services Directive (PSD2).
Under PSD2, Strong Customer Authentication (SCA) is a European requirement. Payment providers must use two separate authentication elements from the below to verify an online transaction:
- something the customer knows (e.g., password or PIN)
- something the customer has (e.g., phone or hardware token or OTP)
- something the customer is (e.g., fingerprint or face recognition).
Our online checkout solutions are PSD2-compliant with the exception of Native Checkout v1. For instructions on how to migrate to Native Checkout v2 3DS, please see Migrating from Native Checkout v1 .
Our POS terminals are PSD2-compliant through the addition of SCA. This means that a customer PIN is requested every time transactions add up to a total of £150, or five transactions have been made, whichever comes first. There is nothing to be done on the merchant’s side as all our POS devices have been upgraded automatically.