Strong Customer Authentication (SCA) is a security measure embodied within The Revised Payment Services Directive (PSD2) as a set of regulations for payments which came into force last year. This is typically only relevant to online payments, as it requires two-factor authentication for eCommerce. However, this has significant implications for customers in-store that merchants need to understand to maintain a seamless experience.
We’ve devised a quick guide to understanding SCA for your customers, and how BMS can help.
What Is Strong Customer Authentication (SCA)?
In simple terms, SCA in-store initiates when a customer is asked or prompted to insert their debit/credit card and enter their pin after a certain number of contactless transactions. To prevent fraud, card issuers typically place this threshold at around five consecutive contactless transactions.
This prompt has wider implications in what is required from a customer to make a purchase. These conditions have been nicely broken down and condescended into three clear functions by Visa:
1. Something they have
Paying contactless for transactions requires possession of a mobile phone or a device that enables Near Field Communication. This will also require a terminal that allows for contactless payments to occur. When a certain threshold for consecutive contactless payments is reached, then a customer will need to have their debit/credit card handy to enter the pin.
2. Something they know
A customer, when prompted, will need to know their pin number – accessible through their online portal to the issuing bank. As a merchant, you’ll need to walk a customer through the process of telling them to use their pin.
3. Something they are
Often when it comes to contactless payments, most operating systems on mobile devices allow the use of biometrics, either face or fingerprint scan. If this is declined due to the cap, then the customer will have to resort to the former points.
It is important for merchants to understand how changes in security is affecting customers and why they are in place. Understanding this can make merchants more aware on how they can help customers be safe and explain to them why SCA is needed.
SCA is crucial in today’s digital age to protect both businesses and customers from fraud and unauthorised transactions. Implementing robust authentication measures not only enhances security but also builds trust with your customers, as they feel confident that their sensitive information is well-protected. By prioritising SCA, businesses can significantly reduce the risk of financial losses due to fraud, comply with regulatory requirements, and provide a safer, more reliable payment experience.
How BMS can help
Bespoke Merchant Solutions offers a free comparison service for any contract, while also offering a personalised Account Manager. We will also have your security on top of our list which is why we will source a trusted Compliance Manager who will work with you to understand your business. Your Compliance Manager will fill out the PCI compliance form for you and keep on top of compliance management, leaving you to get on with what you do best.
Simply fill in the form below or call us on 0800 989 0142. We look forward to hearing from you!