CentralPay integrates smooth, compliant identity verification protocols, with no impact on the payment experience
Secure
customer paymentsStreamline
your journeyReduce
compliance costsTo protect banking information and reduce fraud, PSD2 has introduced customer identification requirements.
In accordance with the online payment security protocol, each transaction must be subject to a strong authentication (Strong Customer Authentication) to certify that it has been carried out by the cardholder.
The payer must provide at least 2 of the 3 authentication factors defined by the European Banking Authority:
Password, secret code, secret question...
Mobile phone, connected device, token, badge...
Fingerprint, facial or voice recognition...
Strong authentication is decided by the issuing bank. This is based on a risk score, calculated by using additional data to put the payment into context.
This operation takes place in the background and does not disrupt the payment process.
If the cardholder’s payment conditions are considered to be normal, they will be able to benefit from frictionless authentication, with no redirection to the banking application. In the opposite case, strong authentication will be required.
Contextual analysis is made possible by the sharing of almost 150 data items from :
Under certain conditions, the payer’s bank may waive the requirement for systematic authentication
Considered as an evolution of the 3DSecure protocol, version 2.0 offers new advantages:
The new version of the 3DSecure protocol requires issuing banks to perform strong authentication for every payment.
In practice, these are based on the analysis of some factors, in order to calculate the transaction's risk score. If payment conditions are considered normal and risk-free, cardholders can benefit from frictionless authentication, without redirection to their bank's application.
3DSecure 2.0 meets the authentication requirements defined by the Regulatory Technical Standards (RTS) published by the European Banking Authority (EBA) and approved in 2018.
In 2019, as part of the Payment Services Directive No. 2 (PSD2), the European Parliament has made Strong Customer Authentication (SCA) mandatory in order to limit the risk of fraud.
No. The protocol is designed to add an extra layer of security to online payments, protecting both e-merchants and consumers by reducing the risk of credit card fraud.