PSD2 is a EU-directive with requirements for e-commerce.
PSD2 are meant to increase the security of online shopping by requiring Strong customer authentication - SCA - (e.g. 3-D Secure) for almost all transactions.
There is several excemptions in PSD2, but in general the following transactions will all require SCA;
- Payments above € 30
- On creation of subscriptions, but not on later withdrawals
- On creating of saved cards, AND on each later withdrawal
In Denmark (and several other countries in the EU) PSD2 has been postponed for 18 months for a so called “implementations-period”.
The law it self will however still apply from the 14th of September 2019, but Finanstilsynet will not do anything, if payments are not completed with SCA.
“Finanstilsynet” on the implementation-period in Danish.
Finanstilsynet understreger, at implementeringsperioden ikke ændrer på, at reglerne om stærk kundeautentifikation træder i kraft den 14. september 2019. Dette er bl.a. relevant for hæftelses- og ansvarsreglerne i lov om betalinger i tilfælde af, at der ikke er anvendt stærk kundeautentifikation.
What should I do?
We expect that payments issued in countries with a implementation-period will not be rejected from the 14th of September regardless of SCA
In the QuickPay Manager under Settings > Fraud Filter it is possible to automatically apply to rulesets to make sure you comply with PSD2.
- That all payments above € 30 where the card is issued in the EU will be forced through 3-D Secure.
- That all new subscriptions will be forced through 3-D Secure.
Dankort - Secured by Nets
Make sure that Secured by Nets (“3-D Secure” for Dankort) is activated.
You can do this in the QuickPay Manager under Settings > Acquirers > Nets
It will not be possible to use Saved cards through your existing integration when PSD2 goes into effect.
PSD2 requires that the cardholder goes through 3-D Secure when creating the saved card, and for EACH later withdrawal.
If you are using saved cards for Merchant initiated transactions where the cardholder is NOT present for the transactions, you will need to move to using subscriptions. If you want to migrate your existing Saved Cards to subscriptions please contact us on email@example.com.
If you are using saved cards to save your customers card information, to enable the customer to make later buys without filling in their card information, this will in the future require an additional step to go through 3-D Secure.
Read more on our helpdesk article on Saved cards
Existing subscriptions will continue to work after PSD2. PSD2 only applies to new subscriptions.
Apple Pay counts as Strong customer authentication.
MobilePay Online will also work after PSD2.
It is however still not clear if MobilePay Online for some payments will require an additional step. But this will be handled automatically by QuickPay and MobilePay.
Contact QuickPay Support