2019-08-12 in Learning

Strong Customer Authentication

When running a magazine publishing business, we know that sometimes you have so much to keep up with, it can be difficult to see what’s urgent and what’s just more ‘jargon’ being thrown your way. With this in mind, we wanted to take some of the uncertainty out of the upcoming Strong Customer Authentication (SCA) September 14th 2019 deadline, giving you a brief overview of why it’s being introduced, what it entails and what exactly you may need to do in preparation for it.

Why is Strong Customer Authentication being introduced?

Paying for goods and services online is something that the majority of us do every single day. And yet it can still be something that many consumers are often wary about due to fears around fraud and security. In 2007 the EU first introduced a regulatory directive to help improve security around online payments known as the Payment Services Directive (PSD1). Not every retailer had previously opted for the additional security checks, however, that looks likely to not be an option for most online payments going forward.

With the growth of online payments and issues that arise from that, a revised regulation needed to be introduced to ensure consumers, retailers and card issuers are beter protected. 2018 saw the introduction of the revised Payment Services Directive (PSD2). Strong Customer Authentication (SCA) is a key revision in PSD2, requiring most online payments to upgrade their customer authentication process to include a second level of authentication. The deadline for SCA is September 14th 2019, which means it’s important to get an understanding of how your business may be affected and, most importantly, what you need to do now to ensure your publishing business is compliant.

What is Strong Customer Authentication?

The revised European Union (EU) payment services directive (PSD2) will have an impact on businesses as they get ready to comply with the enhanced security measures required under Strong Customer Authentication (SCA). As of September 14th 2019, businesses trading in or selling to customers in the European Economic Area (EEA), will be required to ensure that there are 2 layers of authentication where the cardholder’s bank and the business accepting the transaction are located in the EEA.

It’s important to recognise that the updates in this revised EU payment services directive (PSD2) mean that businesses are required to review their current payment flow and authentication process to ensure they meet the regulatory requirements of PSD2. Under SCA, companies will have to verify a customer’s identity by two of the three following elements:

Something the customer KNOWS

(e.g., password or PIN)

Something the customer HAS

(e.g., phone or hardware token)

Something the customer IS

(e.g., fingerprint or face recognition)

How do I make this a non-issue?

If you are a magazines publisher, the easy way to prevent SCA from having negative impact on your business is to use RunMags and Stripe to process payments. RunMags is a Stripe Verified Partner which means we're automatically at the forefront of how new regulations impacts our customers. Using a renowed payment processor like Stripe really helps you manage through changing market conditions.

We are continously implementing the latest Application Programming Interfaces (API) from Stripe so that our customers seamlessly get to use it, with a minimum of business interuption. Please see these resources on what Stripe has done to help us help our customers stay compliant with SCA: