Payment Service Directive (PSD2)

Strong Customer Authentication (SCA)

What is SCA?

The European payment legislation, the Payment Services Directive (PSD2), was designed to make online payments more secure – and make it more difficult for fraudsters to access your details.

To help protect your business against increasingly sophisticated online fraud, we’ve added an extra level of security checks for online payments. This is called Strong Customer Authentication (SCA), also known as Two Factor Authentication (2FA)

SCA means authentication is based on the use of two or more of the follow elements:

  • Knowledge: something only you know for example, a password or PIN.
  • Possession: something only you have for example, a bank card.
  • Inherence: something unique to you for example, fingerprints

If one of these elements is compromised, it won't affect the others as 2FA is designed to protect you.

We’ll never contact you unexpectedly to ask for your PIN, full password or to move money to another account. You should only give out personal or financial details if you’re using a service and are expecting that service provider to contact you.

What this means for your business?

You’re being asked to take extra steps to confirm it’s really you for some online transactions.

These improvements help to reduce fraud online.