Call us on: 02920 887 362
Insights /

Strong Customer Authentication

Strong customer authentication (SCA) has begun rolling out in the UK this week. Here’s a quick look at the latest step in the rise of multi factor authentication.

What is Strong Customer authentication?

Multi-factor authentication (MFA) adds an extra layer of security when using online accounts. As the name suggests, it uses multiple factors to authenticate your identity, rather than just one. It is used frequently across the web already, in online banking, online shopping and social media. Without MFA, all someone would need to find out to access your accounts is your username and password. With MFA, they’d also need something else to access the account.

Some examples might be:

  • Something you have – you could associate your mobile number with the account, or have a dedicated authentication device.
  • Something the you know – this might be a password, a PIN or personal information like your mother’s maiden name.
  • Something you are – biometric data can be used as authentication, for example facial recognition or fingerprints.
  • Somewhere you are – you can also authenticate yourself by connecting to specific networks or by using GPS to identify your location.

In simple terms, Strong Customer Authentication means that businesses will have to implement MFA for their users when making transactions online. Some businesses already use MFA; people who use online banking regularly will likely already be very familiar with it.

When is this happening?

SCA has been in the works for some time, with the initial deadline of 2019. However, this was rolled back in the light of the coronavirus pandemic. From the 14th of March 2022, all online banking and ecommerce businesses will have to implement SCA.

Will I need authentication for every transaction?

Mastercard says it expects about 25% of online transactions to require some form of extra verification. Low value payments, and regular payments like subscriptions, in particular won’t require extra verification as often as larger transactions.

What will the effects be?

In the long term, it’s hoped that SCA will reduce fraud and make online transactions more secure. In 2018, an estimated £671m was lost to fraud on UK payment cards.

In the short term, however, both businesses and consumers may take some time to get used to the changes, with some publications warning shoppers their cards or purchases may be declined if they don’t have stronger authentication methods in place.

Consumer group Which? Has also raised concerns that consumers without a mobile phone, or without a strong mobile signal in their home, could be disenfranchised by the changes.

What do I need to do?

Keep an eye out for SCA being implemented on your various online accounts, and be ready to set up other authentication methods when conducting transactions online. If you’re looking to improve authentication and password security for your business, you might want to take a look at our cyber security services, in particular our password management solution.

You might also be interested in:

A Quick Intro to Patching

What is patching? And why do IT people talk about it so much?

When should you outsource your IT?

The short answer, and the one you’d expect from an IT support provider, is as soon as you can. But there’s a bit more to it than that.

Excellence on Ice