The European Union’s PSD2 regulations first came into force more than three years ago – January 2018 to be precise. However, some aspects of the regulations have proven harder to bring into play than others. Just this month for example, the EBA published an opinion and set deadlines on the need to remove obstacles that are preventing compliance with secure account access regulations for some payment providers.
Compliance with the rules on Strong Customer Authentication (SCA) has also seemed challenging for retailers, banks and merchants to satisfy. The rules – which we have written about before – require much stronger proof to authorise online transactions over the €30 threshold.
In fact, the SCA rules have applied across Europe since September 2019, but organisations were given until December 2020 to fully comply with the requirements. Last year, the EBA refused a request driven by Covid-19 issues to further delay full compliance across Europe but some countries – notably France, Germany and Italy – nevertheless set out their own timetable to roll-out the mechanism this year.
In the UK, no longer part of the EU but still committed to adopting these regulations, the Financial Conduct Authority (FCA) has extended the full compliance deadline to September this year. After September, non-compliant UK firms face possible action from the FCA.
The last year has also seen an increasing use of contactless, instant payment systems as consumers moved towards ‘touch-free’ systems to minimise contact with surfaces potentially carrying an infection. It’s a move that has not gone un-noticed by the EU.
In September last year, the commission published its European Retail Payments Strategy (RPS) which is now being reviewed pending adoption. The paper sets out the Commission’s thinking on payments-related regulatory changes for the next four to five years. It considers instant payments and whether further consumer protection is required for transactions that are, in principle, irrevocable. The paper also considers the option of European standards for QR codes and outlines an overall review of the PSD2 regulations and their implementation at the end of this year.
Of course, we’re big fans of the QR code, and of stronger authentication for contactless instant payments, as well as for larger payments online, in-store or straight from a printed page. Our patented, secure Onescan process uses a specially created QR code to generate a token-based exchange that can authorise transactions both small and large. It is fully compliant with the PSD2 and SCA regulations right across Europe, and easy to implement.
Our cloud-based, software-as-a-service platform also makes it easier to stay ahead of any changes to the regulations without needing to replace any hardware. And for business or consumer users, all that is required to make a payment is a smartphone with a camera – no software to download, no app to install.
It couldn’t be easier – click here to learn more.