What you need to know about the PSD2 SCA delay

What you need to know about the PSD2 SCA delay

The European Banking Authority (EBA) recently delayed enforcement of Strong Customer Authentication (SCA) rules until 31 December 2020.

The delay gives national supervisory authorities, like the Netherlands’ DNB, Germany’s BaFin, or France’s Observatoire de la Sécurité de Moyens de Paiement, room to push back enforcement for 15 months if they see fit from 14 September 2019, when the rules went into effect.

This postponement covers the European Economic Area (EEA) and was put in place to give issuers, acquirers, and PSPs more time to adjust to putting two-factor authentication for all online payments in place.

What does the delay mean for Mollie merchants?

Mollie merchants will experience no disruption in payments: everything should run as usual.

What is SCA, again?

SCA rules mandate two-factor authentication for all online payments within the EEA using at least two of the following:

  • Something a consumer has (like a mobile phone)
  • Something a consumer knows (like a password)
  • Something a consumer is (like a fingerprint, or face)

Hence, when making online payments consumers would have to authorise the payment with, for example, their fingerprint on their mobile device.