PSD2: Strong Customer Authentication

On 14th September 2019, several new requirements for online payments will be introduced to all EU Member States.

Strong Customer Authentication for mobile ordering

On 14th September 2019, several new requirements for online payments will be introduced to all EU Member States as part of the second Payment Services Directive (PSD2), in an effort to reduce fraud and make online payments more secure.

The new requirements are known as Strong Customer Authentication (SCA).

What is Strong Customer Authentication?

Strong Customer Authentication is similar to the more commonly known, two-factor authentication.

SCA requires businesses who take credit/debit card payments online, to build additional authentication into the checkout flow, allowing the customer to authenticate their purchase with at least two of the following three elements:

Strong Customer Authentication Options
Customers will complete this authentication using a technology known as 3D Secure 2 (3DS2). Often more commonly known by its branded names, such as Visa Secure, Mastercard Identity Check or American Express SafeKey, this technology provides an extra layer of frictionless security to the checkout and payment flow.

When is SCA required?

Strong Customer Authentication will apply to “customer-initiated” online payments within Europe from 14th September 2019. As a result, most card payments and all bank transfers will require SCA. Recurring direct debits, on the other hand, are considered “merchant-initiated” and will not require strong authentication. With the exception of contactless payments, in-person card payments are also not impacted by the new regulation.

How will SCA impact wi-Q, our clients and the end-user?

Our developers have been working closely with our payment partners to ensure a seamless transition for our client venues throughout Europe, to an SCA compliant checkout and payment.

While we are ensuring 3DS2 is supported by our checkout flow and all concerning payment providers, the ‘frictionless authentication’ will only trigger when:

1.The customer is using a card where the issuing bank is EU-based.

and / or

2.The customer is using wi-Q within the EU.
This means that orders placed on wi-Q outside the EU where the card’s issuing bank is also outside the EU, are not required to comply with SCA.

While the addition of a new step to the checkout and payment flow may appear detrimental to the customer’s experience, the seamless nature of the interaction and its security improvements, should not hinder order conversion rates.

If you would like to request a demo or learn more about wi-Q and what are mobile ordering experts can do for your venue, please do not hesitate to Get in Touch.

Similar posts

Get notified on new marketing insights

Be the first to know about new B2B SaaS Marketing insights to build or refine your marketing function with the tools and knowledge of today’s industry.


Sign up