FCA says e-commerce industry needs 18 months to be fully SCA-compliant

FCA says e-commerce industry needs 18 months to be fully SCA-compliant

FCA e-commerce SCA rules

The Financial Conduct Authority (FCA) has finalised a plan to give e-commerce players, such as card issuers, payments firm and online retailers, a grace period of up to eighteen months to implement Strong Customer Authentication (SCA) rules instead of by 14 September 2019.

The new Strong Customer Authentication (SCA) rules under the revised Payment Services Directive (PSD2) are new benchmark requirements that organisations across Europe will need to abide by to authenticate their customers and to reduce instances of fraud, especially during the payment stage.

Initially, organisations across Europe were required to change their authentication processes to implement SCA rules by 14 September 2019. However, FCA had asked for more time for the e-commerce industry, stating that given the complexity of SCA requirements, the lack of industry preparedness, and the potential of significant disruption for consumers, industry needed more time.

Responding to the European Banking Authority’s decision to fully implement new SCA rules by September this year, FCA said that before making the new rules mandatory for e-commerce players, it needed to “agree a plan with stakeholders across the industry that encompasses a blueprint for compliance and readiness, a timetable for achieving this, and key milestones and targets to deliver improved security of customer authentication and fraud reduction along the way”.

E-commerce industry gets 18 months to implement SCA rules: FCA

Earlier this week, FCA announced that it has agreed on an eighteen-month plan with the e-commerce industry to fully implement the new Strong Customer Authentication (SCA) rules which will enhance the security of payments and limit fraud once implemented.

“The FCA has been working with the industry to put in place stronger means of ensuring that anyone seeking to make payments is not a fraudster. While these measures will reduce fraud, we want to make sure that they won’t cause a material disruption to consumers themselves; so we have agreed a phased plan for their timely introduction,” said Jonathan Davidson, Executive Director for Supervision – Retail and Authorisations.

“The FCA will not take enforcement action against firms if they do not meet the relevant requirements for SCA from 14 September 2019 in areas covered by the agreed plan, where there is evidence that they have taken the necessary steps to comply with the plan. At the end of the 18-month period, the FCA expects all firms to have made the necessary changes and undertaken the required testing to apply SCA.

“The FCA will also continue to monitor the extent to which banks and payment service providers are meeting its expectation that they consider the impact of SCA on different groups of consumers, and provide alternative means of authentication where needed,” the industry watchdog said in a press release.

ALSO READ: Cyber resilience still a top concern for most UK firms: FCA

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]