On 14th September 2019, new requirements for authenticating online payments were introduced in Europe as part of the second Payment Services Directive (PSD2).
Under PSD2, Strong Customer Authentication (SCA) is a European requirement. Payment providers must use two separate authentication elements from the below to verify an online transaction:
- something the customer knows (e.g., password or PIN)
- something the customer has (e.g., phone or hardware token or OTP)
- something the customer is (e.g., fingerprint or face recognition).
Our online checkout solutions are PSD2-compliant with the exception of Native Checkout v1. For instructions on how to migrate to Native Checkout v2 3DS, please see Migrating from Native Checkout v1 .
Our POS terminals are PSD2-compliant through the addition of SCA. This means that a customer PIN is requested every time transactions add up to a total of £150, or five transactions have been made, whichever comes first. There is nothing to be done on the merchant’s side as all our POS devices have been upgraded automatically.