Understanding Strong Customer Authentication (SCA) for Online Payments in Ireland

Slide Note
Embed
Share

The Irish Retail Payments Forum at the Central Bank of Ireland discusses the implementation of Strong Customer Authentication (SCA) under PSD2 regulations. SCA aims to enhance security by validating user identity through two-factor authentication. The deadline for full SCA migration is set for December 31, 2020, with specific requirements for online transactions. Market uncertainty and revised migration deadlines have shaped the preparation process for SCA compliance.

kennide
kennide Follow

Uploaded on Oct 02, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Irish Retail Payments Forum Central Bank of Ireland - RESTRICTED

  2. PSD2 Strong Customer Authentication Barry Harrington Central Bank of Ireland Central Bank of Ireland - RESTRICTED

  3. 3 Background EU Commission developed the Directive - Directive 2015/2366/EU (or PSD2) PSD2 transposed into Irish national law on 13 January 2018 Payment Services Regulations (PSR) The Regulatory Technical Standards on Strong Customer Authentication (RTS on SCA) entry into force 14 September 2019. Central Bank of Ireland - RESTRICTED

  4. 4 Strong Customer Authentication (SCA) Full migration to SCA deadline is 31 December 2020 The EBA developed the Regulatory Technical Standards (RTS) on SCA It was published in June 2017. While PSD2 came into effect in January 2018, the effective date of the RTS on SCA was deferred until September 14 2019. This was to allow industry more time to prepare for what is a large and complex change. The overall purpose of SCA is to contribute to reducing fraud for online payments. SCA is a process that validates the identity of the user of a payment service or of the payment transaction. Based on the use of a process known as two-factor authentication . Central Bank of Ireland - RESTRICTED

  5. 5 SCA How it works A payment service provider must apply strong customer authentication where a payer - accesses its payment account online, initiates an electronic payment transaction, or carries out any action through a remote channel which may imply a risk of payment fraud or other abuses. Two or more elements of the following must be used to validate the user: knowledge (something only the user knows, e.g. a password or PIN), possession (something only the user possesses, e.g., authentication code generating device), inherence (something only the user is, e.g., fingerprint or voice recognition). Plus for remote (primarily online) transactions a unique authentication code which dynamically links the transaction to a specific payee and a specific amount must also apply Central Bank of Ireland - RESTRICTED

  6. 6 SCA Implementation SCA will be applied for online transactions (e-commerce). The RTS, when published in 2017, was deliberately vague on what exactly would qualify as an element of SCA, as it had to be seen as technologically neutral. However, this led to a lot of market uncertainty in how to prepare for SCA and the Sep 14 deadline The EBA released an Opinion in June 2019, 3 months before the SCA deadline, outlining this information, meaning the solution the Irish market, and many others, had been working towards would not be SCA compliant. The EBA released an Opinion in October 2019 setting 31 December 2020 as the revised deadline for migration. Migration plans are required to be submitted by issuing and acquiring PSPs by 31 December 2019. National Competent Authorities require issuing and acquiring PSPs to have completed their migration plans by 31 December 2020. Central Bank of Ireland - RESTRICTED

  7. 7 SCA Migration planning EBA opinion and migration planning requires PSPs to Identify the SCA-compliant authentication approaches Identify what SCA exemptions do you intend offering Explain how users will be enrolled into these authentication approaches Inform PSUs about the SCA-compliant authentication approaches Inform PSUs what exemptions will be utilised Establish educational campaigns as needed Central Bank of Ireland - RESTRICTED

  8. 8 SCA Out of scope Telephone and paper based transactions Payee initiated transactions (Direct Debits) SCA required for initial set up if online Gift cards Outside of EEA transactions Central Bank of Ireland - RESTRICTED

  9. 9 SCA - Exemptions Payment Account Information Contactless transactions Unattended terminals Parking/Transport Trusted Beneficiaries Recurring transactions Standing orders Own account transfers Low value payments Corporate payments Transaction Risk Analysis Central Bank of Ireland - RESTRICTED

  10. 10 SCA key messages EBA opinion sets final migration deadline for SCA ecommerce migration as 31 December 2020. Essential to examine how this will impact on payment processes Talk to your bank and merchant acquirer as soon as possible to examine pathway to compliance Central Bank of Ireland - RESTRICTED

  11. Irish Retail Payments Forum Central Bank of Ireland - RESTRICTED

  12. BREXIT Central Bank of Ireland - RESTRICTED

  13. Irish Retail Payments Forum Central Bank of Ireland - RESTRICTED

Related


IEEE 802.11-23/1913r1 Secondary Channel Access Operation

IEEE 802.11-23/1913r1 Secondary Channel Access Operation

olin
Sudden Cardiac Arrest in Intercollegiate Athletics: Are You Prepared?

Sudden Cardiac Arrest in Intercollegiate Athletics: Are You Prepared?

abaro
Understanding Authentication Mechanisms and Security Vulnerabilities

Understanding Authentication Mechanisms and Security Vulnerabilities

lev_tre
Understanding SCA Fringe Benefits Regulations

Understanding SCA Fringe Benefits Regulations

adelheide
Understanding Sudden Cardiac Arrest (SCA) and AEDs

Understanding Sudden Cardiac Arrest (SCA) and AEDs

maybellen
Understanding the Service Contract Act (SCA) and its Requirements

Understanding the Service Contract Act (SCA) and its Requirements

cjaz
Secure Authentication Using ISO 15693 RFID Tags

Secure Authentication Using ISO 15693 RFID Tags

rtrez
Evolution of User Authentication Practices: Moving Beyond IP Filtering

Evolution of User Authentication Practices: Moving Beyond IP Filtering

rin_fi
Importance of Good Customer Service in Organizations

Importance of Good Customer Service in Organizations

marla
Understanding Customer Relationship Management (CRM) for Business Success

Understanding Customer Relationship Management (CRM) for Business Success

rainey
Understanding Kerberos Authentication in Network Security

Understanding Kerberos Authentication in Network Security

pcapp
Security and Authentication in Electronic Filing Systems: Arkansas Subcommittee Report

Security and Authentication in Electronic Filing Systems: Arkansas Subcommittee Report

harri
DAVA Drugs Authentication & Verification Application by National Informatics Centre

DAVA Drugs Authentication & Verification Application by National Informatics Centre

ruxt_322
Setting Up Multi-Factor Authentication at Moraine Park

Setting Up Multi-Factor Authentication at Moraine Park

leid_3
Ireland's Neutrality in World War II

Ireland's Neutrality in World War II

saarah
Contrasting France and Ireland: European Neighbors' Climate, Transport, and Agriculture

Contrasting France and Ireland: European Neighbors' Climate, Transport, and Agriculture

eley579
The Republic of Ireland: Basic Information and Overview

The Republic of Ireland: Basic Information and Overview

iyan_959
Understanding SCA Section 4(c) and Wage Determinations

Understanding SCA Section 4(c) and Wage Determinations

wisener_s
Community Heart Safety and Awareness Initiative since 2012

Community Heart Safety and Awareness Initiative since 2012

raylan
Enhancing Public Transparency in Physician Financial Relationships through Open Payments Program

Enhancing Public Transparency in Physician Financial Relationships through Open Payments Program

teo
Importance of Respecting Customer Needs in Customer Service

Importance of Respecting Customer Needs in Customer Service

ramiel
Guide to Setting Up EU Login and Two-Factor Authentication

Guide to Setting Up EU Login and Two-Factor Authentication

wolfgang
Understanding Kerberos Authentication Protocol

Understanding Kerberos Authentication Protocol

bri_pr
Understanding Access to Healthcare in Northern Ireland

Understanding Access to Healthcare in Northern Ireland

mhens

More Related Content

Understanding Global Climates and Ireland's Climate
Understanding Global Climates and Ireland's Climate
Enhancing Security with Two-Factor Authentication in Funding & Tenders Portal
Enhancing Security with Two-Factor Authentication in Funding & Tenders Portal
Two-Step Authentication Implementation for Enhanced Security
Two-Step Authentication Implementation for Enhanced Security
Implementing 2FA for UW Azure AD: Best Practices and Options
Implementing 2FA for UW Azure AD: Best Practices and Options
Setting Up Two-Factor Authentication for HRMS Access
Setting Up Two-Factor Authentication for HRMS Access
An Open-Source SPDM Implementation for Secure Device Communication
An Open-Source SPDM Implementation for Secure Device Communication
Authentication and Authorization in Astronomy: A Deep Dive into ASTERICS
Authentication and Authorization in Astronomy: A Deep Dive into ASTERICS
West of Ireland Offshore Race Series
West of Ireland Offshore Race Series
Ireland's Engagement with the League of Nations: Path to Independence
Ireland's Engagement with the League of Nations: Path to Independence
Veterinary Medicinal Products Clinical Trials in Ireland
Veterinary Medicinal Products Clinical Trials in Ireland
Addressing Skills Development Gaps and Labour Mobility in Ireland
Addressing Skills Development Gaps and Labour Mobility in Ireland
History of Ireland and Queen Elizabeth I
History of Ireland and Queen Elizabeth I
Discovering the Legend of Saint Patrick in Ireland
Discovering the Legend of Saint Patrick in Ireland
Ireland's Post-Crisis Economy: Challenges and Progress
Ireland's Post-Crisis Economy: Challenges and Progress
Student Programmes Ireland Ltd: Providing Quality Secondary School Programmes in Ireland
Student Programmes Ireland Ltd: Providing Quality Secondary School Programmes in Ireland
Overview of Beef Farming in Ireland
Overview of Beef Farming in Ireland
Analysis of CAP Reform Proposals and SFP Distribution in Ireland
Analysis of CAP Reform Proposals and SFP Distribution in Ireland
Understanding Move Related Payments and Expenses
Understanding Move Related Payments and Expenses
Understanding IRS Form 1099-DIV and Reporting Dividend Payments
Understanding IRS Form 1099-DIV and Reporting Dividend Payments
Electronic Customer Relationship Management (E-CRM) in E-Commerce
Electronic Customer Relationship Management (E-CRM) in E-Commerce
Understanding Federal Customer Experience Initiative
Understanding Federal Customer Experience Initiative
Customer Journey Mapping Workshop Guide for Understanding Customer Experiences
Customer Journey Mapping Workshop Guide for Understanding Customer Experiences
Understanding Customer Interactions Through Journey Mapping
Understanding Customer Interactions Through Journey Mapping
Creating Customers for Life: The Golden Customer Rule and Emotional Loyalty
Creating Customers for Life: The Golden Customer Rule and Emotional Loyalty