As SCA Deadline Looms, Merchants Scramble

Strong Customer Authentication (SCA) will officially roll out in one month. The regulation is aimed at protecting consumers and merchants alike from fraudsters and other online criminals wishing to access their financial information, which means increased security at online checkout. While the reason for the new rule is noble, most merchants within the European Union still don’t know it exists. This lack of awareness could prove disastrous for not only the merchant, but the future of the merchant-customer relationship.

In the latest PSD2 Tracker, PYMNTS examines the continued issues surrounding SCA and merchant awareness, as well as how security and fraud protection is progressing now that data and privacy regulations are locking into place around the EU.

Around the PSD2 and GDPR World

As concerns over SCA continue to mount, some countries are still struggling with the rollout of PSD2 itself. The Netherlands still lags behind other countries when it comes to compliance, with regulators within the country citing concerns over the data protection elements of the rule.

In other countries where PSD2 has been established a little longer, it’s SCA that’s taking top priority once again. Finnish merchants are moving quickly to prepare for SCA, but many of them remain unaware of the rule to begin with, according to the Central Finnish Cooperative Society (SOK). Circumventing this problem before the regulation’s deadline remains a daunting task.

Fraud and authentication under PSD2 and SCA are also taking center stage. U.K. bank Santander has rolled out a new tool for mobile-based authentication under SCA, which uses one-time passcodes for verification. The tool was rolled out with SCA specifically in mind, according to the bank.

For more on PSD2 and GDPR, visit the Tracker’s News & Trends.

EuroCommerce On Why Merchant, Consumer Awareness Is Critical To SCA

As the SCA deadline approaches next month, how the rule will affect the merchant-customer relationship is still murky. In fact, many merchants within the EU are still unaware of SCA, which puts them at serious risk. Transactions can be flagged for improper authentication and denied, which means that online merchants may see a significant drop in their online sales and customer conversion rates. That’s why merchant — and consumer — awareness is a top priority for the EU, says Peter Robinson, payments adviser for the retail association, EuroCommerce. To learn more about how merchants are responding to SCA and how to drive awareness, visit the Tracker’s Feature Story.

Deep Dive: SCA Exemptions And What They Mean For EU Merchants

Many merchants still have lingering questions regarding SCA, and one of the main areas for such questions is SCA exemptions. While issuers, and not merchants have the final say over whether or not to flag a transaction based on a lack of authentication or otherwise, there are still some ways that transactions can go through without SCA. For merchants, that means they have valuable time to further prepare for SCA and its September 2019 deadline. To learn more about SCA exemptions and what they mean for merchants, visit the Tracker’s Deep Dive.

About the Tracker

The PSD2 Tracker™, powered by Ekata, is the go-to resource for monthly updates on the trends and changes regarding PSD2 and other privacy and data protection regulations.



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.