By The European Consumer Centre (ECC) has announced that online credit card payments will only be permitted with strong authentication.
On the 15th of March, it will no longer be sufficient for credit card payments online to only need the card number, the expiry date and the check digit, now strong customer authentication is required. Other EU countries have already implemented this additional security for customers earlier than Germany.
To make credit card payments, buyers must prove they are the actual cardholder and that they are authorized to make payments on the Internet with this card. This is regulated by the European PSD2, the payment services directive.
The PSD2 guideline does not only apply to online credit card payments, but also to transfers on the Internet or the use of payment services such as PayPal. The aim of the guideline is to increase payment security, to strengthen consumer protection, promote innovation and increase competition.
In the future, two out of three factors will be necessary to be able to pay online. The three factors are credit card information, confirmation of knowledge of a password, and inherence, meaning that the user proves something that is specific to the buyer, such as a fingerprint. Providers are solving this by sending a transaction number (TAN) to the buyer’s mobile phone, which must be entered during the payment process.
Comments