EU payments bodies call for further SCA delay
A group of payments industry associations and major companies have penned an open letter to the European Banking Authority (EBA) requesting a six-month delay to the final secure customer authentication (SCA) deadline due to complications surrounding the coronavirus pandemic.
SCA standards under the second Payment Services Directive (PSD2) were originally mandated to come into force in September 2019, but the migration period was extended by the EBA to December 2020.
Major groups in the payments industry are calling for a further six-month delay for the market to be “fully ready” for the implementation of SCA. This would place the new deadline as 31 June 2021.
The signatories in the letter are led by the European Payment Institutions Federation (EPIF), and include the European Association of Payment Service Providers for Merchants (EPSM), Independent Retail Europe, Digital Europe, Visa, and Mastercard.
That extension came after a period of consultation with market participants in which the EBA was informed of the relative lack of preparation within the industry for implementation.
In the letter, the signatories acknowledge “the pragmatic and flexible approach taken by the EBA and the respective national competent authorities on the timetable for implementation.”
However, it highlights the exceptional circumstances surrounding the ongoing coronavirus pandemic has put an additional strain on all parties in the payments chain.
“Consumers are relying on ecommerce more than ever, and therefore maintaining product availability and ensuring a smooth and friction free customer journey will be a priority.”
The letter states that making a sweeping technological change “when in crisis mode” adds significant risk to any deployment, which could lead to further disruption and an adversely affected customer experience.
It adds that current crisis places restraints on the roll out of SCA technology, as time has been limited the for participants to test together, which is “essential to a safe and controlled implementation.”
Despite calling for an extension, the signatories add they have already spent considerable resources to meet the deadline for completing the implementation and “remain committed to the smooth and effective implementation of SCA.”
Amanda Mickleburgh, director for fraud management at ACI Worldwide, says that the “timely introduction” of SCA would have been a “welcome addition to the fraud prevention armoury” at a time where fraud attempts are expected to rise.
“However, pushing back the deadline for the migration to Strong Customer Authentication (SCA) standards makes sense during these exceptional circumstances.
“The financial impact of COVID on many organisations will likely mean that many will have reduced workforce and reduced budget to invest. Delaying the deadline for migration to SCA will allow for a period of financial and resource recovery.”
She adds that to avoid a “clunky” imeplementation of the new standards, its become important that all members of the payments value chain feel ready.