PSD2 and SCA presenting problems for non-payment sectors

Applying Europe’s revised Payment Service Directive (PSD2) and Strong Customer Authentication (SCA) is a challenge for sectors that don’t work exclusively in payments, said Jeremy King, international director of PCI Security Standards Council on a panel of various industry standards bodies at an event in London this week.

“The higher the level of regulation is, the better it is for us because if they come at it a higher level and say, ‘we need to improve this,’ all of the standards bodies can fit around that. One of the challenges seen with PSD2 and the SCA is they have taken a view which fits nicely with one particular sector, but if you are outside of that sector you are suddenly realizing all of the challenges that you are facing trying to meet regulation,” said King.

“In each of our areas we are trying to find a way for our standards to simply find a process for anybody in this room to be able to undertake payments in whatever sector in a frictionless way,” he said.

“As an industry when we work together, all of us here we’ve all said we are all open standards bodies, we work together with everyone in this room to try and get as many different inputs, so that we are not just focused on this one challenge, we are trying to think of all the different options.”

Also on the panel was Ian Brown, chair of the International Forecourt Standards Forum (IFSF), Steve Wakeland CEO of Integrated Transport Smartcard Organization (ITSO), and Alan Bird, global business development leader, at the World Wide Web Consortium.

Later in the discussion King acknowledged that standards bodies could be doing better regarding e-commerce fraud.

“If things didn’t change regulators are great, but things change rapidly. When are regulators are slower – by nature they have to be, cautious, and with a steady approach to regulation.

“It’s the challenge from a high level, us guys do as much as we can, if regulators have had to step in we’ve failed, and maybe with online e-commerce fraud we should be better,” he said.

Greater collaboration between standards bodies is required as the regulatory environment grows in complexity, added Bird.

“Having two versions of a standard actually means that you have no standards. Standards means one. We need local collaboration to make sure that we are all standing together because the whole regulatory environment is getting trickier and trickier,” said Bird.

Getting cross border payments to the same standard throughout Europe is currently a “real challenge” because of the way the sector has evolved differently in each country, continued King.

“Payments has just evolved in Europe, and every country evolved in a subtly different way. To try and get those different countries to be able to undertake the payments across borders which is what the European Central Bank (ECB) is pleading for, is a real challenge.

“You are only ever going to achieve it with everything that we are doing within this panel is an international standard,” he said.

King was referring to the launch of the TARGET Instant Payment Settlement (TIPS) by the ECB in November last year, which allows payment service providers to offer fund transfers to their customers in real time.

Related reading