Updated: August 16, 2019
New requirements for authenticating online payments will be introduced in Europe on September 14, 2019. As part of the second Payment Services Directive (PSD2), Strong Customer Authentication (SCA) will be required for many online payments made by European customers. This will require two-factor authentication (2FA) on many payments in Europe.
If your facility is based in Europe and you’re using Rock Gym Pro’s online booking and calendar system to sell items online, these new requirements will most likely affect the way in which payments are processed on your website in some way.
Rock Gym Pro is committed to supporting the required guidelines by the September 14th deadline:
(UK Businesses: On August 13, 2019, the UK regulator granted an 18 month phase-in period to give banks and businesses more time to prepare for these new requirements. As a result, it is expected that banks will not fully require SCA for payments from UK cards until March 2021.)
How Rock Gym Pro is Preparing
1) On-session (web-based) payment will support the required 2FA authentication by September 14th.
2) 2FA authentication, when capturing new card details for future off-session (merchant initiated transactions) will be supported by 14 September.
3) At this time Rock Gym Pro does not plan to support the emailing of a "recovery link" for when merchant initiated billing transactions are declined by the bank (because the bank is requiring 2FA for the specific merchant initiated transaction). This may be supported in the future, but will not be ready before the September 14th deadline. We will be primarily focused on the first two initiatives.
It is extremely unlikely that banks will be declining merchant initiated transactions for this reason.
Based on information provided by Stripe:
- Merchant initiated transactions are not technically covered by the SCA
- It's a massive technical requirement for all businesses that perform merchant initiated transactions
- Many customers will not be able to respond in a timely manner to these recovery links.
Because of these reasons, declining merchant initiated transactions due to a lack of 2FA on the payment is very unlikely - at least for the foreseeable future. Be aware that banks MAY require you to capture new card information with a one time 2FA authorization. This WILL be supported by September 14th (item #2 listed above).
Rock Gym Pro will continue to update this page as more information about these requirements become available.