Strong Customer Authentication (SCA) measures are part of the revised Payment Services Directive (PSD2) to improve the security of payments online.
One of the key elements of SCA is two factor authentication. Also described as 2FA or 2-fac, this will require all financial transactions online over £28 to have additional authentication to protect consumers.
How does two factor authentication work?
The SCA measures are intended to reduce payment and card fraud online by implementing additional security measures at the point of transaction.
To date, most platforms require a password or PIN in order to make a payment online. However, 2FA means that there will be an additional layer of security in addition to the password to verify your identity.
There are many ways that the second factor can be delivered, however in general there are three different categories of information that you may be asked to provide. These include something you know (e.g personal information or a special word), something you are (such as thumbprint authentication or voice recognition) or something you have (e.g a one-off PIN code received on your authenticated phone).
Why has the change been made?
Having a second factor improves security because even if your password is accessed through hacking or other means, the second measure will be harder to access. This might be a one-time verification code that is sent to your phone or it could be something that hackers can’t steal, such as your thumbprint.
Different providers are taking different approaches to the security measures, but it’s likely you’ll be able to set up trusted devices and provide a number to which unique codes can be sent to speed up the process.
How is moneycorp managing SCA requirements?
To comply with Strong Customer Authentication (SCA), we’re changing how you access your account and send payments online. As well as adding in a second layer of security, we’ve overhauled the process of logging in and managing your account to improve overall security.
The first layer of security will be an updated passcode; when you log in for the first time since the SCA updates have taken effect, we’ll ask you to create a 5 digit passcode. It’s important to create a passcode which you will remember as you may need to enter this to authenticate future payments.
In addition, when logging into your account, or authenticating a payment you may be sent a one-time security code to your mobile phone or email.
What do I need to do?
Your account will be updated automatically with the new security measures. As a result, it is even more important that we have the correct contact details for you so we can send you one time security codes.
After your account has been updated, you will also be asked to check and update your email address and mobile phone number. Everything else about your account will remain the same, so you’ll be able to access the same great rates and convenient currency transfer services, but with an added layer of verification to protect your transactions and your account.