4 January 2021 - 3 min Reading time
Online shopping? That's convenient and easy. It has also become a habit for many Europeans. However, those remote purchases must be validated and paid for in a simple and secure manner.
That is why the second European directive for payment services (Payment Services Directive 2 or PSD2), which entered into force in 2019, has created a legal framework for safer payment traffic for consumers and merchants. New rules have been developed to provide customers with additional protection for their online card payments. For example, from January 2021 the principle of 'strong customer authentication' will apply.
This means that a consumer must authenticate himself when purchasing a product or service online. For example, with the exception of transactions with a low risk of fraud, it will no longer be possible to make an online purchase by only providing the bank card number and the code on the back (CVC code).
For many everyday purchases, strong authentication is already the rule: when we use our bank card, we also have to enter the PIN code to validate the transaction. Contactless payments are an exception. No pin code needs to be entered for payments up to 50 euros per transaction (and 100 euros cumulatively).
In order to apply the new security rules from 1 January, all webshops and online operators in Europe must ensure that they have a compatible system.
The Belgian banks, in consultation with the National Bank of Belgium, have drawn up a schedule for a coordinated transition. This planning provides for a gradual implementation of the new rules for strong authentication for online purchases. In this way, traders who also work online in Belgium can get ready in time.
August 25, 2020 is therefore the first milestone in this planning, with the threshold set at EUR 1,500. Online websites and traders, both in Belgium and abroad, must therefore adapt their systems to comply with the European directive. If not, they risk the banks refusing payments that do not comply with the new security rules.
We therefore recommend that merchants contact their payment system provider to verify if any changes are required. In Belgium, however, strong authentication for online payments is already well established, so many merchants are already in line. This is often less the case with foreign online merchants, who were less familiar with strong authentication until now.
Customers will hardly notice the changes during their online purchases, as we are already very familiar with strong authentication in Belgium. However, they may be asked to reconfirm the payment if secure validation is not already provided. It is of course essential that the supplier has brought its payment system into line with the new rules.