How to Overcome the Challenges SCA Presents?

In the second post of our series on SCA (Strong Customer Authentication), Catharina Eklof, Chief Commercial Officer, IDEX Biometrics, explains what challenges SCA presents and how to overcome them.

The year 2020 has proved to be a defining moment in the move towards a cashless society, with periods of lockdown and new hygiene standards. These factors are driving a dramatic increase in touch-free payment methods in the post COVID world. As a result, the time is right to ensure that more stringent security measures are put in place to protect such touch-free payments, and it is to this end that SCA (Strong Customer Authentication) is set to be rolled out. Yet, while the advent of SCA is both inevitable and essential, its implementation is likely to be one of the most significant changes ever seen in the payments industry and this will, in turn, pose substantial challenges for card providers and financial institutions.

Introducing SCA and PSD2

SCA and PSD2 (Payment Services Directive Two) have been created with the goal of greatly improving the security of touch-free payments. The directive PSD2 mandates that SCA compliant methods be adopted by any organization which supplies payment services in the EU and was initially brought into force in January 2016. However, the deadline for meeting the SCA compliance regulations set out by PSD2 has been postponed, and now sits at March 2022.

In order to meet the new compliance regulations, any person wishing to make a contact-free payment must give their details alongside something they know (such as a pin or password), something they have (such as a smartphone), or something they are (a biometric marker such as a fingerprint or voice sample.) This new approach to transactions has been brought about due to rising levels of card fraud across the EU, as well as to improve data security. The issue of fraud is a grave concern for EU financial institutions, with losses reaching a staggering $1.55 billion in 2020 [1]. The UK alone accounted for almost half of this sum (45.36%), indicating that current methods of securing touch-free payments are far from fit for purpose.

The Challenges of Meeting SCA

While the more stringent protection demanded by PSD2 is certainly necessary, implementing it will create significant challenges. It is probable that in-person transactions will be more time-consuming at the point of sale. Furthermore, financial institutions and card providers will have to ensure that they have the technology in place to facilitate the authentication, which could involve substantial overhauls of existing IT infrastructure.

The onus is on these organizations to make their customers aware of these changes, which can pose problems too, as we discuss in our next post in the series.

Making Secure Contactless Payments Easy

The technology required to create safe, SCA compliant transactions already exists. Including a fingerprint sensor can make contact-free card payments easy, convenient, and extremely secure. As a technology already familiar to consumers through its use in smartphones and tablets, fingerprint sensors can be the ideal way to ensure a seamless transition to the new SCA payment approach.

After all, one thing is certain: SCA is inevitable, and now is the time for card providers and financial institutions to make use of the extended deadline to make the right choices the first time.

The previous post in our series on SCA (Strong Customer Authentication), we discussed about how biometric payment cards allow card providers to achieve SCA compliance without compromising on customer experience.