More than a year after the European Payments Council published its new requirements for face-to-face payment-card transactions in the Euro zone, the EPC has unveiled its proposed rules for online payments and other card-not-present (CNP) transactions.
Along with mobile and e-commerce transactions, the new CNP rules will also apply to telephone sales and orders by mail throughout the Single Euro Payments Area (SEPA). Payments stakeholders will have until June 5, 2015, to offer feedback on the CNP proposal.
The EPC published version 7.0 of its SEPA Cards Standardization Volume in January 2014, covering card-present transactions. Those requirements are now in a three-year rollout period that will last until January 2017.
Along with CNP requirements, the new SCS Volume — version 7.05 — includes enhanced pre-authorization requirements for both card-present and CNP payments, with a focus on merchants and service providers in hospitality businesses such as hotels. It also includes a card-processing framework that defines business principles and requirements for market access and participation in card processing services.
After the comment period, an updated version of the SCS Volume will be published, including the new CNP and pre-authorization rules. Then payments businesses will have three years for implementation, a rollout period that is expected to end in early 2018.
The EPC develops the SCS requirements along with the Card Stakeholders Group, which represents retailers, vendors, processors and card brands. The purpose of the requirements isn’t to create standards or specifications for SEPA, but to lay out an interoperable framework that conforms to existing international payment card functional and security standards, so they line up with ISO, EMVCo, and PCI DSS requirements, according to a statement by the EPC.
That coordination is crucial, since the EPC’s requirements will also apply to non-Euro zone countries by Oct. 31, 2016, for euro payments and direct deposits. At that point, the SEPA standards are expected to affect 500 million people and 71.5 billion electronic payments per year, including a significant number to U.S. banks, companies and individuals.