Treasury News Network

Learn & Share the latest News & Analysis in Corporate Treasury

  1. Home
  2. Payments - Receipts at POS
  3. Card Payments at POS

EBA heeds market concerns over payment card security rules

by Kylene Casanova

The EBA has softened its stance on security requirements for card transactions under PSD2, raising the threshold and adding exemptions, following criticism from payments industry.

As part of the revised Payment Services Directive (PSD2), the European Banking Authority (EBA) has published its final draft Regulatory Technical Standards (RTS) on strong customer authentication and common and secure communication.

Problems with authentication

Strong customer authentication (SCA) was one of the sticking points in PSD2 and received criticism from card payments companies and online retailers over concerns it would add unnecessary friction into online or or other card transactions. Visa was one of the companies that spoke out about SCA, saying it could “seriously disrupt” online shopping and “inconvenience consumers”.

Concerns addressed

The EBA has now addressed some of these concerns by raising the limit to which SCA rules would apply from €10 to €30 for remote payment transactions and by extending the scope of exemptions. Transactions won't need to comply with SCA rules if they meet several criteria, such as level of risk; the amount and recurrence of the transaction; and the payment channel.

The new RTS draft introduces two new exemptions:

  1. one based on transaction-risk analysis based on defined fraud levels and
  2. payments at so called ‘unattended terminals' for transport or parking fares.

Security AND smooth customer experience needed for success

Payments UK welcomed the final draft RTS and stated: “Overall we feel that the RTS will only be successful by ensuring strong customer authentication that balances the essential requirement to protect customer data with a seamless customer experience that allows for the creation of innovative new services.”

For more from CTMfile on how the SCA rules were causing upset in the European payments industry, see:

E-commerce will be disrupted by EU’s €10 checkout rules

Two ways PSD2 will rock the payments boat

CTMfile take: It's good to see the EBA listening to feedback on its proposals for online payments security under PSD2 – it received feedback from 224 market participants. We don't yet know whether these revised – and final – technical standards for PSD2 will be enough to ensure the 'smooth payments experience' that retailers and card companies such as Visa are keen to protect. We'll watch out for more reaction to the announcement in the coming days.

Like this item? Get our Weekly Update newsletter. Subscribe today

Also see

Add a comment

New comment submissions are moderated.