SCA: Three things every merchant needs to know • eCommerce Forum | Forum Events Ltd
  • Encoded
  • SCA: Three things every merchant needs to know

    • 14

    With online fraud on the increase, companies must take action to make sure they meet the updated version of the Payment Services Directive (PSD2) which will mandate Strong Customer Authentication (SCA).  The Financial Conduct Authority (FCA) has announced the deadline for implementing full SCA compliance for e-commerce transactions is now 14 March 2022.

    The first PSD2 in 2007 levelled the playing field for payment institutions in the EU.  It increased competition and set out common payment standards and benefited customers and participators in the industry.  The revision in 2015 resulted in a more integrated and efficient payments market. SCA adds an extra level of protection for both merchants and their customers.

    Why is SCA so important now? Here are three things every company/merchant should know:

    • SCA protects businesses and the customer from online fraud

    SCA (or multi-factor authentication) assures the card issuer and acquirer that the transaction is genuine. If a customer pays online with SCA, but later claims it was fraudulent, the bank or card issuer accepts liability – previously the merchant had to refund the money and incur chargeback costs. 

    • SCA will become mandatory on 14 March 2022

    The new deadline to meet the new PSD2 with SCA requirements is 14 March 2022, for all UK company transactions online (over £45 or 50 Euros).  The FCA will enforce the directive and repeat offenders of declined transactions may be fined for non-compliance, not to mention the possible reputational damage.

    • Working with the right Payment Services Provider helps achieve compliance

    With some acquirers, secure checks are carried out separately from the transaction processing – which merchants must handle themselves. This is expensive to set up and requires resources and expertise to manage the mandatory technical and operational interfaces with third parties.

    Working with an established payment services provider (PSP) like Encoded means the transaction process and administration is managed from start to finish.  The merchant captures the customer transaction and the PSP carries out all the secure checks required by the acquirer to verify the card with the card issuer behind the scenes. With checks authorised, the PSP issues a secure link that takes the customer through the online process to complete the transaction.

    Choosing the right payment service provider early is an investment for the future. Now is the time to start thinking about how to protect your business from fraudulent transactions and comply with the new regulations.

    Adam Bromage-Hughes is Technical Director at Encoded and to read the full article please visit

    Leave a Reply

    Your email address will not be published.