New EBA opinion requires implementation of SCA by 31 December 2020
On 16 October 2019, the European Banking Authority (EBA) published an opinion on the deadline for migrating to strong customer authentication (SCA) to online card payments authentications.
The opinion is on the deadline for the implementation of SCA with reference to the opinion of 21 June 2019, where the EBA allowed the competent authorities of each member state cd. National Competent Authorities (NCAs) to provide PSPs (issuers and acquirers) limited additional time to comply with SCA requirements.
The EBA opinion of 16 October 2019 allows payment service providers to complete migration to the SCA, including implementation and testing by merchants, by 31 December 2020.
The reference to online card transactions only adds uncertainty
The opinion of 16 October only covers card-not-present (CNP) transactions. This seems inconsistent with the PSD2 official guidelines and the views of the relevant authorities, which should apply to ALL payment methods and be technology-neutral.
This may create uncertainty in an ecosystem that has already suffered from a number of uncertainties and looks for clear rules and guidelines on actions to be taken and timing. The industry may be confused about the right approach to use towards electronic payment methods. In principle, some payment service providers may agree with NCAs (National Competent Authorities) to implement Strong Customer Authentication with different timelines, and in a different fashion for individual Member States. If such a scenario materializes, customers might experience different authentication rules with different PSPs located in different EU countries.
Industry expected harmonised guidelines across all payment methods
This is inconsistent with most PSPs’ expectations of harmonized rules on the implementation of SCA with a single common deadline across the EU to avoid negative impacts on issues including cross-border payments, rejection of non-fraudulent payment transactions, increased abandonment rates at checkout, regulatory arbitrage between different member states. In addition, we are surprised as this expectations come as the result of a survey conducted last summer among PSPs and mentioned in the EBA opinion of 16 October 2019. Although the opinion states that the preference of PSPs relates to card payment transactions, we strongly believe that PSPs intended to extend their preferences to all payment methods and not limit them to card payment.
To know more about Strong Customer Authentication (SCA) or other regulatory aspects contact of our experts or book a call.
The CleverAdvice Team
