Online shoppers may need to confirm their identity more often when making payments from Monday as changes to combat fraud come into effect.
The new Strong Customer Authentication (SCA) requirements are a set of rules that will change the way people confirm their identity when shopping online.
The British Retail Consortium (BRC) said customers will be asked to prove their identity when making a purchase, confirming two of three “factors”:
1. Something they are – using a fingerprint or face ID, for example;
2. Something they know, like an access code or password;
3. Something they have, maybe their cell phone.
This means that, for example, customers may now find that they are prompted to verify a purchase via SMS more often, receiving an access code which they are then prompted to enter on screen.
Other confirmations could include answering an automated phone call to a landline or mobile phone.
A spokeswoman for banking and finance industry trade association UK Finance said SCA “is an important tool in the fight against fraud, adding an extra layer of protection when people pay online with a map”.
She continued: “When a customer makes a payment online, their bank or payment provider will need to verify who they are before the transaction is completed.
“This can be done in a number of ways, including sending a one-time password via text message, receiving a phone call, or logging into a banking app.
“Customers should ensure that their bank has their correct details.
“If a customer has specific needs, they should contact their bank to discuss the help available.”
Although the changes have applied to some transactions for some time, the proportion of transactions for which SCA requirements apply has steadily increased since the start of this year, as merchants and providers payment service providers are preparing to comply.
The SCA requirements were previously announced in September 2019.
The BRC said that with the increase in the number of purchases being made digitally, it is hoped that SCA will help reduce fraud and better protect customers and their money when shopping online.
Certain types of transactions are exempt from strong customer authentication, which means customers aren’t always asked to complete additional security steps.
These may be purchases deemed to be at “low risk” of fraudulent activity, such as when purchasing items at low prices, or repeat purchases such as subscriptions.
The BRC said retailers had been preparing their systems for many months to deal with the additional security checks.
Tom Ironside, Business and Regulatory Director at BRC, said: “Retailers have worked hard to prepare for stringent customer authentication requirements, ensuring online shopping is both as safe and easy as possible. .
“The BRC and our members have worked with suppliers to ensure that multiple fraud checks are carried out behind the scenes and any additional friction is kept to a minimum.
“Customers need to be reassured that buying online has never been safer.”