While the payments industry scrambles to meet new standards for APIs, the FCA grants an extension for SCA compliance.

By Christian F. McDermott, Jagveen Tyndall, and Amy Smyth

In an effort to evaluate the readiness of banks to comply with the revised EU Payment Services Directive (PSD2), Tink, a banking platform and data provider, has reported that it tested 84 application programme interfaces (APIs) spanning 2,500 banks and 12 European markets. According to Tink the results showed that none of these APIs were sufficiently robust to meet the new regulatory standards. Separately, the UK’s Financial Conduct Authority (FCA) has delayed the implementation of the strong customer authentication (SCA) requirements introduced by PSD2 to enhance the security of all electronic payment services.

Stripe-commissioned report projects that Europe’s online economy risks losing €57 billion when SCA goes into effect on 14 September.

By Christian F. McDermott

A recent report released by 451 Research and commissioned by Stripe, the online payment processing business, has found poor levels of readiness for the requirements of Strong Customer Authentication (SCA). The report projects that European businesses stand to lose €57 billion in economic activity in the first 12 months after SCA takes effect on 14 September 2019.

Background

The revised Payment Services Directive (EU) 2015/2366 (PSD2) introduced SCA as a means to help achieve the overall aim of “ensuring that all payment services offered electronically are carried out in a secure manner, [by] adopting technologies able to guarantee the safe authentication of the user and … reduc[ing], to the maximum extent possible, the risk of fraud.”[1]

The new code aims to avoid customers being penalised for fraudsters’ actions.

By Andrea Monks and Nell Perks

Estimates indicate that fraudsters stole £1.2 billion from UK bank accounts in 2018 — a 16% increase on the previous year. UK Finance has described fraud as a “major threat to the UK”, and has confirmed that the finance industry is committed to tackling the issue. However, developments in banking that have led to quick and easy payment methods, combined with increasingly sophisticated cyber scams, mean that fraudsters continue to flourish.

There has been a particularly significant increase in authorised push payment (APP) fraud, in which a customer is tricked into making a payment to another account that is controlled by a criminal. Historically, victims of this sort of fraud have struggled to retrieve their money — only 23% of losses were returned last year.