Strong Customer Authentication - MGR Blog

As an online retailer, you know that a secure payment process is a critical part of your customers’ shopping experience.  This is even more important for online purchases where trust and security are the key to customer loyalty.

For online retailers offering their products to customers in the European Economic Area (EEA), a newly revised Payment Services Directive (PSD2) will come into effect this fall. PSD2 is a new (or more accurately an updated) regulatory requirement intended to increase protection against fraud for online purchases, and will have some impact on businesses in the EEA.

MGR’s commitment to our eCommerce clients includes informing them on a regular basis about new regulations as well as providing solutions for their online stores to be fully compliant all the time.  Here’s some more detailed information and what it means to you.

Understanding the revised Payment Services Directive (PSD2)

The main purpose of the revised Payments Services Directive (PSD2) is to regulate the payments industry in all countries that belong to the European Union. As a result, a new update regarding the use of debit cards and credit cards for online payments provides stronger protection for both, customers using them and retailers offering card online payments. The ultimate goal is to minimize the number of fraudulent charges and provide peace of mind to both buyers and sellers.

In order to comply with these new regulations, you’ll need to make sure that your online store is equipped with Strong Customer Authentication (SCA) for payments you accept from European buyers to help mitigate card-not-present fraud.

Strong Customer Authentication (SCA)is similar to what some people or entities refer to as two-factor authentication.  What it means is that if a customer is buying online using their debit or credit card, SCA may require them to use two forms of authentication rather than just entering their credit card information. For example, instead of just entering their PIN or password, SCA would prompt a customer to enter a code generated on their banking app as a second step. Again, the goal of this added layer of security is to make it more difficult for fraudulent transactions to get through.

Customers will be asked to enter this information only when it’s required through a technology known as 3D Secure— the extra layer of security that customers have to enter during checkout to authenticate themselves. Your customers will see the 3D Secure indicator start to show up on orders after PSD2 comes into effect.

If you’re an MGR client selling products in Germany, Ireland, the Netherlands Spain or the United Kingdom while using Shopify Payments the good news is that you don’t need to do anything. You’ll be compliant in time for the September 14th, 2019 deadline automatically.

Likewise, if your store is using Stripe in Austria, Belgium, Denmark, Estonia, Finland, France, Germany, Greece, Ireland, Italy, Latvia, Lithuania, Luxemburg, the Netherlands, Norway, Poland, Portugal, Spain, Sweden, or the UK, you’ll also be fully compliant with PSD2 before the deadline and be able to offer SCA without any changes.

This is just one more reason why at MGR, we encourage all of our clients that are currently using third-party payment gateways to convert to Shopify and Shopify Payments or Stripe.  There’s nothing more gratifying than knowing that your payment processing system will always be compliant without worrying about new laws or regulations coming to effect all the time.

If you need more information or wish to explore what MGR can do for you, please visit our eCommerce solutions website or contact us for a free 30 minute consultation.

Thank you for reading.  Until next time, this is Manuel Gil del Real (MGR)