opinion

What’s Ahead for Payments as 2020 Comes to an End

What’s Ahead for Payments as 2020 Comes to an End

If there ever was a year filled with change, it was 2020. I recently read a statistic in an Inc. news article that said due to COVID-19 we saw 15 years of behavior change in just 30 days. Everyone has been resilient and adaptive as they found new ways to survive.

As we embrace the fact that 2020 is coming to an end, on its last day there are two additional changes scheduled to hit the payments industry across Europe: Brexit and PSD2. These changes have been in the works for years but as of December 31, 2020, they officially take effect.

What does this mean to you and how can you best prepare? We worked with our compliance team to help map out a strategy for success.

Brexit

It’s amazing to think that it’s been over four years since the citizens of the United Kingdom voted to leave the European Union. Fast forward to January 31, 2020, the day known as Brexit Day, the exit process kicked off with an 11-month transition period allowing the U.K. to leave, but also continue to trade as if they were still in the EU. The time provided some breathing room to work out how trade and how border relations would work.

Officials placed a deadline of October 15, 2020 for the U.K. and EU to reach a new trade deal, but that date came and went. We now head into the new year with implications for everyone supporting U.K. and EU merchants in the payment processing world. If you’re a processor ready to support both U.K. and EU merchants, then you already became a licensed payment institution in both areas. Licensed processors must have financial, compliance and support personnel in both jurisdictions.

To provide some insight into the process, here’s what we did:

We secured our EU license back in September and officially opened our Ireland office, to be ready to process merchants in both regions. Merchants located outside the U.K. will transition to our Ireland entity and license; they’ll be processed and paid out through our European banking network, while our U.K. merchants will remain with our U.K. branch and will be processed and paid out through our U.K. banking network.

Processors will do the heavy lifting with almost all these changes. The only thing left for European merchants to do is sign an agreement with our company in Ireland; the rest will be handled behind the scenes. This change is something we’ve worked towards for years, but we’ll have to wait and see what will happen when December 31, 2020 arrives.

PSD2

The EU Revised Payment Services Directive was initiated back in 2007 to provide legal framework for improved payment operations in Europe. The focus of the directive was to increase competition in the payments space and provide a way to level the playing field for consumer protection. Thirteen years later, the directive has evolved through several updates including one in 2015 when the standard rolled out and was named PSD2.

The legislation focused on a more integrated EU market and more security for consumers processing payments. In 2018, PSD2 was updated requiring online and card present transactions initiated by a consumer to have a Strong Customer Authentication (SCA), meaning authentication needed to be based on different forms that only a customer knows like a pin, through a possession the customer owns like a phone, or inherence, something about the user themselves through biometrics. SCA was initially meant to be in place by September 2019 but the majority of EU Issuers were not ready, so the new mandated date was moved to December 31, 2020.

PSD2 SCA only applies to consumer-initiated transactions that are processed through EU acquirers and issuers. Merchant initiated transactions like rebills and recurring transactions, when the cardholder agrees to the terms at sign-up, are exempt. This is because the cardholder has already agreed to the rebill terms and is not present in the transaction flow.

For merchants operating out of the EU, all EU consumer-initiated transactions, both sign-up and one-click, must have SCA. One of the easiest ways to comply with the PSD2 SCA requirement is to implement 3D Secure 2.0 (3DS), which may require the consumer to be prompted for a pin, security question or some other factor after they have entered the card data on a payment page.

The purpose of 3DS is to allow issuing banks to make risk-based assessments on transactions, decreasing challenges while still providing SCA and liability shift. There are also customer initiation transaction exemptions to SCA … for example, if the transaction amount is under 30 Euros or if the number of consumer-initiated transaction does not exceed five since the initial SCA or if the cumulative amount of the transaction does not exceed 100 Euros since the initial SCA. There is one caveat to applying these exemptions, there is no chargeback liability shift if an exemption is applied.

These changes are all about as clear as mud, so people will need to rely on their payment processors. We’ll be here watching the rollout of the mandate by each of the issuers as we approach the end of the year; we want to make sure we’re maintaining compliance with the regulation and create the least amount of friction for consumers as possible. After all, we’ve been through plenty of change in 2020, here’s hoping these last two are a piece of cake.

Cathy Beardsley is president and CEO of Segpay, a global leader in merchant services offering a wide range of custom financial solutions including payment facilitator, direct merchant accounts and secure gateway services. Under her direction, Segpay has become one of four companies approved by Visa to operate as a high-risk internet payment services provider. Segpay offers secure turnkey solutions to accept online payments, with a guarantee that funds are always safe and protected with its proprietary Fraud Mitigation System and customer service and support. For any questions or help, contact sales@segpay.com or compliance@segpay.com.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
profile

VerifyMy Seeks to Provide Frictionless Online Safety, Compliance Solutions

Before founding VerifyMy, Ryan Shaw was simply looking for an age verification solution for his previous business. The ones he found, however, were too expensive, too difficult to integrate with, or failed to take into account the needs of either the businesses implementing them or the end users who would be required to interact with them.

Alejandro Freixes ·
opinion

How Adult Website Operators Can Cash in on the 'Interchange' Class Action

The Payment Card Interchange Fee Settlement resulted from a landmark antitrust lawsuit involving Visa, Mastercard and several major banks. The case centered around the interchange fees charged to merchants for processing credit and debit card transactions. These fees are set by card networks and are paid by merchants to the banks that issue the cards.

Jonathan Corona ·
opinion

It's Time to Rock the Vote and Make Your Voice Heard

When I worked to defeat California’s Proposition 60 in 2016, our opposition campaign was outspent nearly 10 to 1. Nevertheless, our community came together and garnered enough support and awareness to defeat that harmful, misguided piece of proposed legislation — by more than a million votes.

Siouxsie Q ·
opinion

Staying Compliant to Avoid the Takedown Shakedown

Dealing with complaints is an everyday part of doing business — and a crucial one, since not dealing with them properly can haunt your business in multiple ways. Card brand regulations require every merchant doing business online to have in place a complaint process for reporting content that may be illegal or that violates the card brand rules.

Cathy Beardsley ·
profile

WIA Profile: Patricia Ucros

Born in Bogota, Colombia, Ucros graduated from college with a degree in education. She spent three years teaching third grade, which she enjoyed a lot, before heeding her father’s advice and moving to South Florida.

Women In Adult ·
opinion

Creating Payment Redundancies to Maximize Payout Uptime

During the global CrowdStrike outage that took place toward the end of July, a flawed software update brought air travel and electronic commerce to a grinding halt worldwide. This dramatically underscores the importance of having a backup plan in place for critical infrastructure.

Jonathan Corona ·
opinion

The Need for Minimal Friction in Age Verification Technology

In the adult sector, robust age assurance, comprised of age verification and age estimation methods, is critical to ensuring legal compliance with ever-evolving regulations, safeguarding minors from inappropriate content and protecting the privacy of adults wishing to view adult content.

Gavin Worrall ·
Show More