DIGITALEUROPE proposes key recommendations for a successful implementation of Strong Customer Authentication (SCA)
DIGITALEUROPE today has released its official position paperdelivering 5 key recommendations to ensure an effective and harmonised European approach to the phased implementation of SCA rules.
The recommendations will reduce the threat of market fragmentation and inconsistency across Europe. If administered the recommendations will pre-empt the many difficulties that will arise from the payment service providers (PSPs), and many merchants across Europe lagging behind in their preparations to meet SCA requirements. It will also give an opportunity to boost consumer awareness. Based on discussions with the industry, DIGITALEUROPE considers a duration of 18 months to be a reasonable, compromise solution which would allow all relevant European stakeholders to get ready, including the onboarding of the long tail of merchants and consumers.
Cecilia Bonefeld-Dahl, Director-General of DIGITALEUROPE states:
Our industry and policymakers are aligned. DIGITALEUROPE supports the Regulation that will deliver stronger safeguards to consumers.
We are committed to the unprecedented effort from the whole industry that will be required to implement the SCA.
Let’s get the implementation right and prevent any disruption to e-commerce that is set to generate €621 bn in 2019. More than 75.000 companies, many of them small, are dependent on e-payment services.
€ 621 billion
size of the European e-commerce market
Recommendation 1: A harmonised, European transition term, with a duration of 18 monthswith a final compliance deadline of 14 March 2021
DIGITALEUROPE strongly recommends a harmonised, European approach to provide a transition period with the same deadlines in all EU member states.
Recommendation 2: Harmonised and monitored roadmaps
Relevant authorities are encouraged to draw up a simple, harmonised roadmap with interim milestones and deadlines, to be applied uniformly in all EU member states and monitored by national competent authorities (NCAs). DIGITALEUROPE’s Position Paper provides an outline.
Recommendation 3: Permission not to use SCA or to use legacy solutions for SCA during the transition term
A certain discrepancy in the level of readiness will necessarily exist. We ask NCAs permission not to decline transactionswhich are sent without the data and information necessary for SCA and to use legacy/existing authentication solutionswithout changingcurrent provisions on the allocation of liability for fraud between merchants and PSPs.
Recommendation 4: Clear and timely communication by NCAs and the EBA
We ask for a strong and clear signal from all NCAs agreed in all countries whether flexible enforcement will be granted. Our industry also needs to clearly understand what to expect after the regulation takes effect. The EBA and the NCAs are strongly encouraged to communicate their final and fully comprehensive decisions in a timely manner.
Recommendation 5: Introduce a permanent and targeted exemption for remote and unconnected environments.
The provision of online and unconnected sales on board aircraft, ships and other remote areas, such as oil platforms, have no technological solutions able to effectively address all potential methods banks may utilise to comply with SCA. For example, air passenger purchases must receive a verification code. If the passenger cannot receive the verification code, the SCA rules will require the cardholder’s bank to decline the transaction.