The EU directive PSD2 SCA (incl. two-factor authentication, or 2FA), was initially scheduled for full enforcement on September 14, 2019, however the, FCA (Financial Conduct Authority) extended the deadline for implementing Strong Customer Authentication (SCA) for e-commerce transactions to 14 March 2022. Nevertheless, with this directive the EU legislature’s response to the increasing digitalisation of European payment transactions and is designed to strengthen consumer protection by promoting the introduction of technical innovations and increasing legal certainty.
SCA is one of the key points of PSD2, the EU’s revised payment service directive, and requires you to verify your identity with two independent factors whenever accessing accounts, making electronic transactions, or involving third-party service providers.
SCA requires all online and card payments to be confirmed independently in two of the following three categories: knowledge (such as a password or PIN), possession (such as a message to your phone), and inherence (a biometric method such as your fingerprint). It is therefore referred to as two-factor authentication, or 2FA, and makes paying by credit card even more secure by ensuring that the cardholder initiates or authorises a payment themselves.
All of your AirPlus products either fully comply with these requirements or have been exempted from 2FA by demonstrating exceptional security (such as the AirPlus Company Account and AirPlus Virtual Cards Single-use).