Skip to content
FREE DELIVERY on all orders, whatever the Price!
FREE DELIVERY on all orders, whatever the Price!
Understanding PSD2 and Strong Customer Authentication

Understanding PSD2 and Strong Customer Authentication

When shopping on Storeline UK you might notice an extra security step. This is called 3D secure and it is required by most banks and building societies in the UK since the 14th of September 2019. When shopping on Storeline UK, after adding your card number you might be redirected to another page to verify your identity. This varies depending on your card issuer, but usually consists of entering a four to eight digit code sent to you via SMS message. If you use a card you have saved on our site, Storeline UK will send you a six digit code via SMS message as usual, but your bank might still require separate verification.

You might also be asked to enter your PIN regularly when using contactless in physical stores - you can avoid this by using Apple or Google Pay.

These changes are industry standard and will affect all sites and services in the European Union, this is to protect you, the consumer, from fraud when shopping online, for more information on fraud, here is a link to our page on scams: https://storelineuk.com/pages/fraud

This is the requirement for all businesses within the European Economic Area (EEA):
Businesses need to check two out of three of the following; Something the customer has (mobile phone, card reader), Something the customer is (fingerprint, face scan), Something the customer knows (password, pin).

And here is a copy of the information provided by Keith Hum, a product management leader at Shopify Canada:

"

Payments is a key part of the shopping experience no matter where and what you’re selling, but it’s especially important online, where trust and security are top of mind. 

If you’re selling in the European Economic Area (EEA), you may have heard about the revised Payment Services Directive (PSD2). It’s a regulatory requirement intended to increase protection against fraud for online purchases and will have some impact on businesses in the EEA. 

Below, we’ll help you navigate these complexities of selling so you can focus on running and growing your business. Here’s an overview of what’s happening and what it means for you.

What is the revised Payment Services Directive (PSD2)?

The revised Payments Services Directive (PSD2) regulates the payments industry in the European Union. One of the major updates that comes into effect this year is stronger protection for customers who shop online using their debit and credit cards. This protects you too: fewer fraudulent charges is good for everyone.

To comply with these new regulations, you’ll need to make sure you have Strong Customer Authentication (SCA) to help mitigate card-not-present fraud from payments accepted from European buyers. 

What is Strong Customer Authentication (SCA)?

Strong Customer Authentication is similar to what many people refer to as two-factor authentication: if a customer is buying online using their debit or credit card, SCA may require them to use two forms of authentication. As an example, instead of just entering their PIN or password, Strong Customer Authentication would prompt a customer to enter a code generated on their banking app as a second step. This makes it harder for fraudulent transactions to get through.

Customers are asked to enter this information only when it’s required, through a technology known as 3D Secure—an extra layer of security that customers have to enter during checkout to authenticate themselves. Your customers will see the 3D Secure indicator start to show up on orders after PSD2 comes into effect. 

What does PSD2 mean for Shopify merchants?

If you’re using Shopify Payments to process credit or debit cards in Germany, Denmark, Ireland, the Netherlands, Spain, or the United Kingdom, you don’t need to do anything. You’ll be compliant in time for the September 14, 2019, deadline automatically. Shopify Payments is optimized to minimize the use of 3D Secure. It will only use 3D Secure when absolutely required by the issuing bank in order for a transaction to be authorized successfully. 

If you’re using Stripe to process credit or debit cards in Austria, Belgium, Denmark, Estonia, Finland, France, Germany, Greece, Ireland, Italy, Latvia, Lithuania, Luxemburg, the Netherlands, Norway, Poland, Portugal, Spain, Sweden, or the UK, you’ll also be fully compliant with PSD2 before the deadline and be able to offer SCA without any changes.

Local payment methods such as iDeal and Klarna, and wallets like Google Pay, Apple Pay, and PayPal Express, are already compliant with the regulation and require no action for merchants.

For merchants who want to stay on their third-party gateways, they will not automatically be in compliance with PSD2 on September 14. To be in compliance, we recommend these merchants create a connection with Cardinal Commerce. These merchants will be prompted within their Shopify admin that Cardinal Commerce is available for them, and the onus is on the merchant to decide if and when they want to sign up and enable this solution. We recommend that merchants take this action as soon as possible in order to meet the September 14 deadline.

When will PSD2 be enforced?

We anticipate that the enforcement of the SCA requirement will be phased and fragmented across Europe (see updates by country). As an example, earlier this month, the UK regulator granted an 18-month phase-in period to give banks and businesses more time to prepare for these new requirements. The biggest impact of this uncertainty is on merchants not using Shopify Payments or Stripe. 

Over the next 18 months, merchants will start seeing orders that have used SCA for payment processing within their Shopify orders page. Orders paid with debit or credit cards that have gone through 3D Secure will have 3D Secure (3DS) noted beside the order timeline. This means the buyer’s identity has been confirmed by the bank who issued the card and the transaction will default to low risk. There is no action required for the merchant within the orders page for these transactions.

"

Previous article Protecting yourself from fraud when shopping online
Next article 5 life saving products you can't believe you've lived without!!!

Comments

Thomas Connolly - September 18, 2019

If you have any questions or queries regarding how these changes will affect you, feel free to send an email to support@storelineuk.com or call +44 330 043 1357 or use the live chat in the bottom right of any page.

Leave a comment

* Required fields