Today, the UK’s Financial Conduct Authority (FCA) has confirmed an 18-month delay to the introduction of Secure Customer Authentication (SCA) rules 鈥 one of the most important legislations affecting the financial sector 鈥 in a bid to give firms more time to prepare.
As part of the PSD2 directive, the requirement stipulates聽stronger payment security standards for higher value transactions based on multifactor authentication, increasing the security of electronic payments. In our increasingly digitalised world and with the explosion in cybercrime, identity theft and fraud, online payments must look to set a standard that meets the expectations of the consumer. According to data published by the FCA, reports of cyber incidents at financial services firms increased 1,000 per cent in 2018, and this figure is only expected to rise with the growth in mobile payments.[1]
Despite fraud聽losses on UK-issued cards聽increasing 19% to 拢671.4 million last year,[2]聽the FCA has bowed to pressure applied by the financial services community in extending the deadline.聽Jason Tooley, Chief Revenue Officer at聽Veridium, highlights the unacceptable length of the delay and the聽misalignment of expectations when consumers are entitled to enhanced, secure digital experiences. In response, more and more organisations daily are turning to a strategy of mobile and biometric based authentication in order to help support the required regulatory compliance.
Jason Tooley comments: 鈥淚t is disappointing to see such resistance from the financial services sector towards integrating StrongCustomer Authentication into its services. Financial institutions and payment service providers have had nearly two years to prepare聽since the initial announcement, and there is no valid excuse for the delay in its enforcement apart from an unwillingness to participate. It would be interesting to understand the prioritisation of PSD2 Strong Customer Authentication as I鈥檓 aware that a number of financial services organisations viewed this as a business differentiator.鈥
鈥淲hilst it is true that consumers will see minor changes to their day-to-day spending, the additional layer of security on higher value payments will enable consumers to benefit from safer and more innovative electronic payment services. The impact on consumers must not be overlooked by the聽lengthy delay in enforcement; Strong Customer Authentication will mean consumers are more confident when聽buying online 鈥 not act as a deterrent to sales as some have incorrectly suggested.鈥
Jason continues: 鈥淭here are technologies in the market which have the potential to alleviate the challenges posed by the regulation. True multi-factor authentication solutions can facilitate financial services institutions enhancing consumer confidence and creating a secure experience whilst ensuring the customer has a frictionless user journey. Basing the digital authentication process on combining the customer鈥檚 own technology with an open biometric approach and true step-up intelligence, will allow financial institutions to meet the regulatory requirements sooner rather than later.鈥
