So in a few months the PSD2 deadline will be here. I haven’t heard much talk here or elsewhere about PSD2, which considering we are literally months away I found strange, its one of the biggest changes to payments that we will see for a long time.
Basically the new rules state that all payments have to meet 2 of 3 elements.
1 Something you know (for example a password)
2 Something you have (for example your phone)
3 Something you are (for example your fingerprint)
Mastercard already have the technology in testing called Mastercard Identity Check basically 3DS covers this but Identity check is just a standalone version in testing to ensure compliance.
Barclays have a system in place already, its PINsentry system fulfills the requirements.
VPay from Visa is also compliant.
There are exceptions, for example Amazon will allow you to whitelist them with your bank, which means you won’t need any additional security to use Amazon.
Low value transactions won’t be covered either.
The only way to make it work is if people are used to 3DS or Vpay now before the deadline, otherwise people are just going to not bother with the extra hassle of buying things, and with this Mastercard have been slow.
Who’s going to want to shop with Argos and then have to log into online banking, to generate a code, people just won’t do it.
Worldpay for example have its 3DS Flex product, which is basically 3D secure for Worldpay merchants.
Barclays have a combined Visa and Mastercard product, but a lot of the other processors are still not ready for the changes.
Banking wise, even Starling doesn’t have a compliant product.