Europe's Strong Customer Authentication compliance regulations go into effect in September 2019. Tom Merritt explains five things you need to know to get ready for SCA.
Strong Customer Authentication (SCA), a multi-factor authentication system designed to increase the security of electronic payments, starts being enforced in Europe on September 14, 2019. It requires an extra layer of authentication for online payments beyond just credit card number and address. What do you need to know to get ready? Well… lots, but here are five things to get you started.
SEE: GDPR: A guide for tech and business leaders (free PDF) (TechRepublic)
- The basics: Each transaction will need two of the following three: Something the customer knows, like a PIN or password; something they have, like a smartphone or one-time token; and something they are, like a fingerprint or face ID scan.
- If you don't prepare, it could drop your sales: This has been done before in India in 2014. Some businesses reported big drops in conversion if they weren't properly prepared.
- There are differing interpretations you need to reconcile: Your national regulator, card networks, and issuing banks all have their own set of rules and policies, so you need to get started early to make sure you're in compliance with all of them.
- You won't need it with every transaction: Recurring payments and payments less than €30 are exempt. Customers can also whitelist merchants with their issuing bank. Prepare your systems accordingly.
- Different payment and authentication models are more suitable for different businesses: Determine which ones apply to your customers and prepare to dynamically surface the right ones.
It's another complex internet regulation you have to deal with, but on the bright side, it will likely drive adoption of secure payment methods. And, you rarely hear people complain that they have too much security on their product--well, not as much anymore.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- 10 dangerous app vulnerabilities to watch out for (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Tom Merritt's Top 5 series (TechRepublic on Flipboard)