Extra security for online payments: delayed introduction
- Sam Robinson
- On August 24, 2019
The launch of a new rule to increase the security of online payments has been delayed. ‘Strong Customer Authentication’ (SCA) was originally going to be introduced on 14 September 2019, but the Financial Conduct Authority has now given businesses an extra 18 months to prepare for the change.
What is the new rule?
If your salon or barbershop accepts payment for goods or services online you will need to comply with the SCA rule.
“Clients who pay online via a credit or debit card will have to provide an additional form of identification,” says NHF/NBF chief executive Hilary Hall. “The aim is to prevent fraud which has continued to increase over the past decade.”
What will clients have to do?
If their payment is over the equivalent of €30 (30 euros) they will need to provide extra security information. This will be in addition to the usual name, card number, expiry date and three-digit number on the back of the card. Otherwise the payment will be declined by their bank.
Three types of additional security information can be used:
Knowledge – this is something only the cardholder knows such as a password or PIN.
Possession – this is something only the cardholder possesses such as a smartphone or an app.
‘Inherence’ which simply means something unique to the cardholder’s body such as their fingerprints, voice recognition or an eye scan.
The new SCA rule will not apply to payments taken over the phone. Chip & PIN already complies with the SCA rule and contactless payments are exempt.
What do you need to do?
“Although you now have longer to prepare, speak to your payment software provider to check that your site will be ready for the new rule,” says Hilary, “and add some information to your online payment pages to explain you will be complying with the new rule. That way clients will understand that you’re helping to protect them from fraudsters, rather than inconveniencing them.”
To find out more visit NHF here.