As SCA Deadline Looms, Merchants Scramble

Strong Customer Authentication (SCA) will officially roll out in one month. The regulation is aimed at protecting consumers and merchants alike from fraudsters and other online criminals wishing to access their financial information, which means increased security at online checkout. While the reason for the new rule is noble, most merchants within the European Union still don’t know it exists. This lack of awareness could prove disastrous for not only the merchant, but the future of the merchant-customer relationship.

In the latest PSD2 Tracker, PYMNTS examines the continued issues surrounding SCA and merchant awareness, as well as how security and fraud protection is progressing now that data and privacy regulations are locking into place around the EU.

Around the PSD2 and GDPR World

As concerns over SCA continue to mount, some countries are still struggling with the rollout of PSD2 itself. The Netherlands still lags behind other countries when it comes to compliance, with regulators within the country citing concerns over the data protection elements of the rule.

In other countries where PSD2 has been established a little longer, it’s SCA that’s taking top priority once again. Finnish merchants are moving quickly to prepare for SCA, but many of them remain unaware of the rule to begin with, according to the Central Finnish Cooperative Society (SOK). Circumventing this problem before the regulation’s deadline remains a daunting task.

Fraud and authentication under PSD2 and SCA are also taking center stage. U.K. bank Santander has rolled out a new tool for mobile-based authentication under SCA, which uses one-time passcodes for verification. The tool was rolled out with SCA specifically in mind, according to the bank.

For more on PSD2 and GDPR, visit the Tracker’s News & Trends.

EuroCommerce On Why Merchant, Consumer Awareness Is Critical To SCA

As the SCA deadline approaches next month, how the rule will affect the merchant-customer relationship is still murky. In fact, many merchants within the EU are still unaware of SCA, which puts them at serious risk. Transactions can be flagged for improper authentication and denied, which means that online merchants may see a significant drop in their online sales and customer conversion rates. That’s why merchant — and consumer — awareness is a top priority for the EU, says Peter Robinson, payments adviser for the retail association, EuroCommerce. To learn more about how merchants are responding to SCA and how to drive awareness, visit the Tracker’s Feature Story.

Deep Dive: SCA Exemptions And What They Mean For EU Merchants

Many merchants still have lingering questions regarding SCA, and one of the main areas for such questions is SCA exemptions. While issuers, and not merchants have the final say over whether or not to flag a transaction based on a lack of authentication or otherwise, there are still some ways that transactions can go through without SCA. For merchants, that means they have valuable time to further prepare for SCA and its September 2019 deadline. To learn more about SCA exemptions and what they mean for merchants, visit the Tracker’s Deep Dive.

About the Tracker

The PSD2 Tracker™, powered by Ekata, is the go-to resource for monthly updates on the trends and changes regarding PSD2 and other privacy and data protection regulations.



Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.