Commentators in fraud warning ahead of SCA deadline

Concerns over rising online fraud is intensifying as the Financial Conduct Authority’s Secure Customer Authentication (SCA) regulatory deadline edges closer.

A key element of the EU’s Payment Services Directive (PDS2), the SCA regulation, requires the use of two independent sources of customer validation. They will finally come into force for online banking on 14 March 2020 after a six-month delay. This means certain financial providers now have only one month to prepare for the rules.

The FCA has delayed the full roll-out of the regulation to other parties until March 2021 (see our previous article, here).

However, some commentators have warned that consumers’ online security is “hanging in the balance”, with the SCA rules crucial to tackling online payment fraud.

Jason Tooley, chief revenue officer at Veridium, said one in five UK adults were impacted by online card fraud in 2019, adding that firms have no excuse to miss the deadline this time around.

“A failure to implement Secure Customer Authentication demonstrates a disregard for consumer protection,” he said.

“Now that businesses have had an extended period of six months, in addition to the two years since the initial announcement, there is no excuse to not be compliant,” Tooley said.

To meet the deadline in one month’s time, firms should be turning to technologies which have the potential to alleviate the challenges posed by the regulation, Tooley added.

Basing the digital authentication process on a combination of the customer’s own technology with an “open biometric approach” and “true step-up intelligence,” will allow financial institutions to meet the regulatory requirements before it’s too late, Tooley stated.

Previously, in its guide to the SCA, online payments platform Stripe warned the changes introduced by this new regulation are set to deeply affect internet commerce in Europe.

“Impacted businesses that don’t prepare for these new requirements could see their conversion rates significantly drop as SCA enforcement ramps across European banks,” Stripe said.

In addition to supporting new authentication methods like 3D Secure 2, the successful handling of exemptions (where specific types of low-risk payments may be exempted from the SCA) is a key component for building an effective payments experience that minimises friction, according to Stripe.