European payments firms look set to spend much of next year’s strong authentication grace period devising ways of implementing one-time passwords via SMS, even as they acknowledge that such measures will need to be quickly superseded.
A European Banking Authority (EBA) opinion in October established a 15-month delay to enforcement of new strong customer authentication (SCA) requirements, giving firms until December 31, 2020 to put the necessary processes in place.
Dirk Haubrich, head of conduct for payments and consumers at the EBA, has said that the authority “will definitely not extend” beyond this date.
Request a Free Trial
As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.Take a Trial