Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Hey, friends. We know it's a crazy time for the economy, but don't forget to enable 2FA for payments by Saturday

Deadline for multi-factor authentication in UK banking looms

Saturday is the delayed deadline for UK banks and financial institutions to have implemented two-factor authentication for payment transactions.

This is the result of the EU Payment Services Directive 2 (PSD2) for "Strong Customer Authentication" (SCA). This requires institutions to have two levels of authentication in place for online transactions to reduce fraud. Providers can choose two out of three – something the customer knows, like a PIN, something they have, like a phone or hardware token, and something they are – a biometric check.

James Stickland, chief executive officer at authentication platform Veridium, said the huge growth in use of digital services made better authentication vital.

Stickland said: "This Saturday's deadline is a long-awaited triumph for consumer security and combatting online fraud. Ever-rising fraud levels are linked to the consumer preference of mobile e-commerce, forcing regulation to keep pace with innovation. Businesses have had an extended period of six months, in addition to the two years since the initial announcement, and there is no legitimate reason not to be compliant. A failure to integrate Strong Customer Authentication demonstrates a disregard for consumer protection – it should have been prioritised long ago and viewed as a business differentiator."

Stickland warned that banks face large fines for not complying with the rules and though the changes could inconvenience customers, they could actually improve user experience and increase confidence as well as allow new services to be offered.

There are some exceptions to SCA such as recurring payments when only the first payment needs authenticating, low-value payments of less than €30 and merchant-initiated transactions.

How big a problem online fraud is a hotly disputed subject.

Government quango Action Fraud is the UK's central referral point for online crime. But it referred fewer computer misuse cases to police in 2019, while the Crime Survey for England and Wales also saw a fall but a far higher total than Action Fraud.

In other news. Halifax and Lloyds' online services were struggling to stay available this morning.

We contacted Lloyds, FirstDirect, the Royal Bank of Scotland as well as the Financial Conduct Authority but none were able to respond. ®

Similar topics

TIP US OFF

Send us news


Other stories you might like