Are you ready for September 14th & PSD2?
Are you ready for September 14th?
If you're not already aware, on September 14th, new requirements known as Strong Customer Authentication (SCA) will be introduced as part of the Payment Services Directive (PSD2) in the European Economic Area (EEA) with the intention of increasing protection against online purchase fraud.
In order to prepare for this, we at Pixl8 have been busy in the background ensuring that our clients' online Payment Service Provider (PSP) integrations are compliant with any changes required to best ensure a seamless transition post-deadline.
Currently, it seems there will be a fragmented enforcement of SCA with Banks across Europe but we would still recommend that anyone using an online PSP to accept "customer-initiated" payments to make preparations for the 14th September deadline to avoid any disruption to their business.
So, what impact will this have on our customers?
Strong Customer Authentication is another method banks can use to verify that the person carrying out a transaction is genuine through a technology called 3D Secure. For example, instead of just verifying their password or pin code they would be asked for an additional piece of information such as a token from an online banking app or a fingerprint. This extra step makes it more difficult for online criminals to make fraudulent transactions.
So, what does that mean for us?
So far, we've done our best to avoid our clients having to perform any action but unfortunately some PSPs require us to either:
- Make changes to how we integrate with the API or
- Make configuration changes in the PSP admin console to enable 3D Secure
So, what do I need to do now?
Below is a summary table of the different PSPs that require client action and a summary of what you need to do. If you have not already been contacted by your Project Manager about any of the below changes then please make contact at your earliest to minimise any disruption to your business.
PSP | Required Action |
SagePay | SagePay recommend that you enable 3D Secure from within My Sage Pay. If you have not already enabled 3D Secure, please find the instructions to do so here. Please also update your Project manager at Pixl8 so we can record that you have completed this action. |
WorldPay | There is a minor update to the WorldPay API which is required for instructing the PSP to ensure that the transaction is handled using 3D Secure. Please contact your Project Manager to arrange for this to be implemented in your project. |
Stripe | There is an update to the Stripe API which is required to migrate from using "Charges" to the "Payment Intents" workflow. This is required to provide the required support for SCA. Please contact your Project Manager to arrange for this to be implemented in your project. |
If your provider is not on the above list and you feel you still need to apply changes before the 14th September deadline, please get in touch with us ASAP.
Also, if you have any general questions or concerns, please feel free to contact us and we'll be happy to provide our best assistance.