The revised European Payment Services Directive, known as PSD2, has set new rules for more secure transactions in an ecosystem where it's us (banks) together with you (customers) and merchants. 🤗

For customers with cards Strong Customer Authentication (SCA) is required when paying online.

This authentication requires the use of at least two authentication factors from the following categories:

➤⠀somethingyou, as a customer, know (password, phone unlock method);
➤⠀ something you own (a mobile device);

➤⠀and something you are (fingerprint, facial recognition).

The merchant must have 3D Secure technology implemented on their site. You ask how will you recognise a merchant enrolled in 3D Secure? We've already prepared the answer. 😊

However, it may decide, under certain conditions resulting from a risk analysis, not to apply SCA requirements, i.e. not to require customers to go through extra steps to confirm payments.