English:
Strong customer authentication (SCA) becomes mandatory this fall - action needed
New requirements for card payments online
September 14, 2019 is an important date for the e-commerce industry in Europe. A legal change is introduced requiring all card payments online to be verified by the buyer, only a few types of payments are exempt. The verification of payments is made by the consumer, who must approve the payment with two-factor authentication. This is done by using Strong Customer Authentication (SCA). Verified by Visa, Mastercard SecureCode, Amex SafeKey and Dankort Secured by Nets are all examples of Strong Customer Authentication.
What do you need to do?
It will be mandatory to use Strong Customer Authentication for all e-commerce transactions* after September 14, 2019. If you do not already use Strong Customer Authentication, you MUST TAKE ACTION before September 14, otherwise you risk that all your card transactions will be denied.
- Contact your acquirer and ask them to enroll you in Verified by Visa, Mastercard SecureCode, Amex SafeKey and/or Dankort Secured by Nets, depending on your accepted card types. Ask them to confirm the enrollment to DIBS.
- We will email you when we have registered and tested your Strong Customer Authentication enrollment.
If Nets is your acquirer for Visa and Mastercard, you just need to contact DIBS, and we will help you.
If you are unsure if you are using Strong Customer Authentication, please email us at support@dibs.se and we'll check it for you.
Changes required for saved card payments (recurring and card-on-file)
If you are offering your customers to save their card to enable fast checkout, recurring or card-on-file payments, you must ensure that these payments are setup correctly to avoid declined payments after September 14. Please make sure to visit this page for further information and forward the information to your technical resource.
Why are the rules changed?
This change is one component of the effort to transform EU to a single internal market where the same rules apply to everyone and where consumer protection is strong. The requirement is part of the EU regulatory framework PSD2 (Payment Service Directive 2) and the requirement for verification is called SCA (Strong Customer Authentication). The verification of the payments is done by the consumer approving the payment using 3D Secure for Visa and Mastercard transactions, Amex SafeKey for American Express and Dankort Secured by Nets for Dankort transactions.
If you want to hear more about the new rules you are welcome to attend our webinar July 2nd for more details.
* There are a few transaction types that are exempt, such as MOTO (Mail Order / Telephone Order) payments.
Best regards,
DIBS Payment Services