Online shopping is becoming more secure
The Second Payment Services Directive (PSD2) regulates payment services in Europe. But why do we need it? How will it impact you when making card payments online? What do you need to do next? Find out the answers to these questions and more.
Why do we need PSD2?
The UK is the second largest ecommerce market in the world, and one in every five pounds we spend, we spend online, mostly using our cards. These digital payments are expected to reach 2.3 billion transactions by 2026.
Unfortunately, we make up a disproportionate amount of cybercrime victims - despite making up just 1% of the global population, we account for 2% of the 978 million global victims of cybercrime and almost 4% of the global losses.
PSD2 will aim to make these payments safer and more secure, protecting us against fraud and other abuses.
What happened to PSD1?
The original PSD legislation was published in 2007 and implemented in the UK in 2009. But with rapidly changing markets, international expansion and new technologies, it was considered prudent to conduct a review. PSD was subsequently revised and a new iteration was introduced: PSD2.
What is Strong Customer Authentication (SCA)?
SCA is an authentication process that validates the identity of the user of a payment service or a payment transaction. In other words, it is a way to show that you are who you say you are when making card payments online.
Under PSD2, most payments will need two forms of identification. It is designed to be straightforward for the consumer, and it is likely that you will be required to enter a piece of information from two or more of the following categories:
• Knowledge: Something only you would know, such as a password or PIN. Information from your bank card (e.g., card number, CVV, or expiry date) are not considered to be a knowledge factor
• Possession: Something you have – for example, your smartphone or hardware token
• Inherence: Something that is part of you, for example, a biometric factor such as fingerprint or facial recognition.
Will all digital payments will require SCA?
No. There are some exemptions, including:
• Low-value transactions
• Trusted beneficiaries (you can choose to ‘whitelist’ businesses as trusted beneficiaries and then SCA will not be required)
• Subscriptions or recurring transactions
• Secured corporate payments
When will PSD2 be introduced?
PSD2 will be enforced in Europe by 31 December 2020, and in the UK by September 2021.
What do I need to do now?
As this is an important change in regulation which will help to protect you when you’re shopping online, so it’s really important that we have the correct contact details for you.
So, if you’ve changed your mobile phone number recently or your email details and have not informed us, please contact us on 0800 408 6407 to let us know.
How is Al Rayan bank adapting to this change?
We have a section on our website dedicated to this important change and we will be updating this with further information as we get closer to implementing these important changes. You can find out more here.