FCA agrees to phased implementation of Strong Customer Authentication
From 14th September 2019, new European Union rules will start to apply that impact the way in which banks or payment service providers verify their customers' identity and validate specific payment instructions. the new riles called Strong Customer Authentication (SCA) are intended to enhance the securtiry of payments and limit fraud during this authentication process.
The FCA has today agreed an 18 month plan to implement the SCA with the eCommerce community of card issuers, payments forms and online retailers. The plan reflects the recent opinion of the European Baning Authority which set out that more time was needed to implement DCA given the complexity of the requirements, a lack of preparedness and the potential for significant impact on consumers.
Jonathan Davidson, executive director for Supervision - Retail & Authorisations commented; "The FCA has been working with the indsutry to put in place stronger means of ensuring that anyone seeking to make payments is not a fraudster. While these measures will reduce fraud, we want to make sure that they won't cause material disruption to consumers themselves; so we have agreed a phased plan for their timely introduction."
The FCA will not take enforcement action against firms if they do not meet the relevant requirements for SCA from 14 September 2019 in areas covered by the agreed plan, where there is evidence that they have taken the necessary steps to comply with the plan. At the end of the 18 month period, the FCA expects all firms to have made the necessary changes and undertaken the required testing to apply SCA.
The FCA will also continue to monitor the extent to which banks and payment service providers are meeting its expectation that they consider the impact of SCA on different groups of consumers, and provide alternative means of authentication where needed.