Secure Payment Confirmation (SPC) is a joint development by EMVCo, FIDO and the World Wide Web Consortium (W3C). It is designed to simplify and accelerate authentication for payment transactions based on FIDO, while boosting conversion rates for issuers and online merchants. Both issuers and online merchants can leverage SPC-based authentication, and its anticipated release is expected to come soon, given the market’s maturity and the benefits it offers to end-users.
One notable advantage of SPC is its minimal clicks for card holders, thus simplifying the web payment journey with a simple password or fingerprint scan without switching devices multiple times. Merchants need to configure their online shops to meet customers’ demands, particularly for one-click authentication, while ensuring safe payments.
For issuers, the primary challenge is simplifying the registration process for cardholders and raising awareness on instructions, simplicity, and benefits of using SPC.
PSD is being updated and supplemented with PSR
The European Payment Services Directive (PSD) is in the process of being updated and will then result in PSD3. In addition, a Payment Services Regulation (PSR) has been announced. Both are intended to advance the harmonization of payment markets in the EU.
While PSD3 must be transposed into national law by the EU member states, the PSR will apply directly as a regulation. A proposal for the PSR was published at the end of June 2023. The regulation is expected to be bindingly applicable in 2026 or 2027. To this end, the European Banking Authority (EBA) will then also adapt the technical standards (RTS) for transaction monitoring, outsourcing and transaction risk analysis (TRA).
One important impact will be that online merchants will have to provide more data to issuers for payment transactions, for example, about the device used by the customer. The additional required data and quality should lead to significant risk-scoring improvements.
Finally, if the proposed PSD3/PSR is adopted, there will also be changes to Strong Customer Authentication (SCA): Solutions in the future will need to meet inclusion requirements to enable use by people who are not digitally savvy. The updates aim to make it easier for consumers to transact confidently in the digital landscape, both with merchants and with banks.
Martina Forster: "Netcetera will provide suitable solutions for all these topics in time, and we will continue to maintain an intensive exchange with our customers."