Financial sector granted life-line extension to PSD2’s Strong Customer AuthenticationJames Stickland | November 5, 2019
Regulators put little trust in the strength of the current payment authentication system and rightly so, as fraud levels have hit an all-time high. In the last year, over 2.6 million UK accounts have been defrauded and of those fraud cases 76 per cent were remote purchases. It is estimated that overall, Europe suffers from a staggering €1.3 billion in e-commerce fraud every year. This heavy flow of crime not only affects the victims themselves, but the costs trickle down to each and every one of us in increased fees, making financial security a national priority.
As part of the PSD2 directive, the new Strong Customer Authentication (SCA) regulation will make electronic payments safer and reduce fraud, mandating two factor authentication for orders over £28. This will require two of either a password, a mobile PIN or a form of biometric authentication. While the multi-factor authentication needn’t include biometrics, it is widely regarded as being more secure, with the potential to entirely eliminate pins, passwords and tokens in a seamless fashion, increasing security whilst reducing costs. However, there is still some reluctance to make the jump into biometrics due to worry about public acceptance and maturity of the technology.
The benefits of the upcoming regulation are widespread – businesses will see their transactions made safer, providing enhanced client experience at a lower cost. The more complicated, manual authentication processes currently in use are lengthy and expensive, costs which again trickle down to the consumer; advancements for the business ultimately mean benefits for the user.
Nevertheless, big institutions must go through a roller-coaster of processes and negotiations in order to achieve compliance that can take months, with deadlines passing them by. The FCA’s recent announcement of an 18 month delay in the enforcement of the directive – with the original deadline being the Sept. 14 – allows companies not ready for the implementation of the regulation to apply for an extension.
Institutions attempting to build and maintain an ecosystem of multi-factor authentication solutions themselves will see huge value in partnering with the right organisations. Considering customer experience is the driving force behind business activity and growth, employing new solutions such as mobile based biometrics are more effective than building on outdated techniques that aren’t user focused.
While the delay presents an opportunity for businesses to get it right and understand the value of the new regulation, the FCA will look more fondly on the institutions with a plan. The key will be to truly understand the benefits of SCA and have articulated a plan of attack. In reality, regulations form an opportunity companies need to seize. By looking at forward thinking technology such as biometrics to assist driving enhanced user experience, businesses can justify to both consumers and the regulator that there was a reason after all for this purposeful delay.
This post previously appeared in Finextra.