Strong Customer Authentication (SCA)
An Overview of Strong Customer Authentication
- You’ll be asked to take extra steps to confirm it’s really you for some online transactions.
- For online card transactions, a passcode will be delivered to you via SMS or email, which you’ll need to enter to complete your transaction.
- You need to make sure we have your up to date mobile telephone number and email address.
- These improvements will further help to reduce fraud online.
- We will never contact you unexpectedly to ask for your PIN, full password or to move money to another account. Only give out personal or financial details to use a service that you’re expecting to contact you, that you’ve given your consent to and that you trust.
What is Strong Customer Authentication?
Strong Customer Authentication (SCA), also being referred to as Two Factor Authentication (2FA) means authentication based on the use of two or more elements. If one of these elements is compromised, it won't affect the reliability of the others and is designed to protect the confidentiality of the authentication data.
To provide you with a high level of protection, two or more elements are used to generate a secure authentication code. These elements are:
- Knowledge: something only you know. For example, a password or PIN.
- Possession: something only you have. For example, a bank card.
- Inherence: something unique to you. For example, fingerprints.
What will Strong Customer Authentication mean for me?
When making online transactions, we may send you an SMS containing a passcode. We'll then prompt you to enter this code onscreen before completing the transaction.
We may also offer alternative ways of confirming who you are. These may include a phone call, sending an email or using an app on your smartphone, if you have one.
What do I need to do to prepare?
Make sure we have your correct contact details. If you bank online, or if you are a Bankline user, you can update your phone number and other details there. If not, get in touch by popping into branch or giving us a call.
Why are you introducing these extra measures?
We’re introducing strong customer authentication to help further reduce fraud. With the increasing amount of online purchases, extra protection will ensure that customers are safe, and their money is secure.
Will this affect every payment that I make?
No. As an example, direct debits only require identity verification when they are set up; subsequent transactions will not require you to take action. Telephone orders (for example, buying from a catalogue by calling the company and giving your details over the phone) are not in scope. Other exemptions may apply.