Recently searched

    Payment Services Directive

    The Strong Consumer Authentication (SCA) requirements, within the wider Payment Services Directive (PSD2), mean that you might need to confirm you are the credit and/or debit card owner when purchasing anything online within all EEA countries. The need for authentication in online purchases is an attempt by the European regulators to make eCommerce payments more secure.

    This enhanced security is what will affect your online purchasing and will require identity verification when paying online. A 2-factor authentication process will be implemented, meaning you will need to know 2 out of the following 3 factors to complete your online purchase: something you have, something you know and something you are.

    There are some simple steps you can follow to ensure you and your business can still purchase online after this legislation change.

    1. Upgrade your internet browser to the latest version. Solution providers are using the latest online security features to make your online journey as secure as possible and old browsers may not be compatible.

    2. Disable pop-up blockers for the RS Components website.

    3. Consider no longer sharing cards between individuals, card providers will hold personal details for all credit and/or debit cards, which you may not have access to.

    4. Whitelist RS Components Ltd with your card provider so your users are not asked to authenticate when placing orders with RS Components AS.

    5. Communicate these changes now to all card users so they are aware and know-how and what the card provider requires them to authenticate for all online payments within EU and EEA (European Economic Area).

    What is the Payment Services Directive 2 (PSD2)?

    The Second Payment Services Directive (PSD2) was officially published by the European Commission in December 2015 and follows on from the First Payment Services Directive (PSD1), which was implemented in 2009. PSD2 went live in January 2018 and has implications for all companies in Europe that deal with payments, including the need for strong customer authentication (SCA).

    SCA requirements come into force on September 14th 2019 for any transaction conducted where both the issuing bank (e.g. your credit card provider) and the merchant are based in the EEA (European Economic Area). All such transactions must be Strongly Authenticated by at least 2 of 3 possible factors:

    • Something you have (e.g. the credit card/ mobile device)• Something you know (e.g. a pin number/ password)• Something you are (i.e. a biometric ID such as face scan, thumbprint)It is expected that this will become mandatory worldwide by the end of 2020.

    Within the cards payments space, there is already a scheme in place to ensure SCA called 3-D Secure (3DS).

    3D Secure authentication is an additional security layer for E-commerce transactions. Consumers recognise it as Verified by Visa, Mastercard SecureCode or Amex Safekey. This is the little window that appears at checkout after entering card details which sometimes requires the customer to enter a password or a one-time code sent to their mobile phones. To address some of the challenges customers used to face, a new version of 3DS has just been released. This should result in a more seamless customer experience and regular, low-risk transactions being authenticated without the need for passwords to be entered.

    All businesses, regardless of size or type of industry, and all banks need to comply with this regulation.

    Will this affect me?

    The PSD2 change will affect you if you do not know the security details or the credit and/or debit card you are using to purchase online.

    What will change on the RS website when I’m purchasing online?

    The payment journey may look a little different. Today, customers enter their card details and move directly to a review and confirmation page. After 14th September 2019, a 3D Secure window may be displayed after you enter your card details, which could require you to authenticate the card you are using.

    Each bank in Europe is enhancing their 3D Secure strategy as they upgrade to the new version. We will modify our payment page to enable issuing banks to request – if needed – their chosen piece of security information. This communication will take place directly between the customer and the bank, RS Components will not be privy to the data exchanged with the bank.

    You need to ensure you know how the card provider of your credit/ debit card is implementing 3D Secure. For example, will they be asking for a one-time code they will send to their mobile? Will they display the code within their mobile app? Or will they ask for a few digits of a predefined password? As you are likely to experience this every time you purchase online, you will need to know this information.

    In many cases, it is likely that card providers will recognise that your purchase with RS Components is within your regular purchasing behaviour and will therefore not require additional authentication. But if they do, you will need to enter the requested information for the transaction to be approved.

    Who do I contact to help me?

    You need to contact your card provider and ask how they are implementing this enhanced security. Find out what information you will need to complete your purchases online and ask to whitelist RS Components AS to stop this happening with any future online purchases.

    What can I do to stop this effecting me?

    Contact your card provider now and find out how they are implementing this enhanced security and what information you will need to complete your purchases online. Most importantly, request to whitelist RS Components AS to stop this happening with any future online purchases.

    We have a Purchasing Manager account, are we still effected?

    Yes, if within your PurchasingManager™ set up, it includes the use of credit and/or debit cards which you may have shared with your end users to use during their online checkout on the RS website.

    The new directive rules of strong authentication will mean that all card users could be asked questions based on the personal details of the card holder that they may not know the answers to, if this happens the card will be declined.

    If you are not able to do this please call our customer services team on 64 83 40 00 to place your order on the phone.

    Are any online payments exempt?

    Card transactions below EUR 30 are considered the low value and are generally exempt from authentication. However, if you initiate more than five consecutive low-value payments or if the total payments value exceeds EUR 100, SCA will be required.

    I can’t place my order online, what do I do?

    As the change only affects purchases online, you can contact our customer services team on 64 83 40 00.

    Was this page helpful?