The UK’s Financial Conduct Authority (FCA) has deferred the implementation of strong customer authentication (SCA) rules for e-commerce by six months due to the Covid-19 crisis.
The aim is to lower disruption to consumers and merchants amid the pandemic.
SCA was originally scheduled to be effective on 14 March 2021.
With the deferment, the implementation date has been pushed back to 14 September 2021.
The financial watchdog has urged firms to adopt the required measures to meet the revised detailed phased implementation plan and avoid enforcement action.
Firms not adhering to SCA norms after the revised implementation date will face FCA supervisory and enforcement action, the regulator stated.
Commenting on the changes, FCA said: “We expect UK Finance, as coordinator for the industry, to discuss the detailed phased implementation plan and critical path with all stakeholders and agree it with the FCA as soon as possible.
“In the meantime, firms should continue with the necessary preparatory activities such as robust end-to-end testing.”
SCA aims to make online payments more secure by using at least two of the authentication elements.
These elements include password, pin, ID number; something which the user possesses such as mobile device, token, smart card; as well as biometric authentication through fingerprint, face or voice recognition.