GBIC calls on retailers with online business to step up their preparations. Only merchants or their payment services providers can trigger the use of 3-D Secure when a credit card is used to pay online. Without their support, the card-issuing bank cannot meet the legal requirements for customer authentication of e-commerce payments.
In principle, however, GBIC supports all measures that will facilitate an orderly transition of security procedures to the PSD2 era. The aim must be to ensure that consumers will continue to be able to shop online securely and conveniently using their payment card.
GBIC stressed that an additional transitional period requires a uniform approach throughout Europe since all parties involved have a common interest in increasing the security of payments.
The new rules mean that all card payments over the internet will in future have to be authorised by the customer with the help of two factors (strong customer authentication). Banks began to prepare for the implementation of these new requirements at an early stage and their preparations are now virtually complete. Since the 3 D Secure procedure, which is the basis for strong customer authentication, has been familiar and in use for many years when card payments are made online, the card-issuing banks are also well prepared.