The Revised Payment Services Directive (PSD2) will require Strong Customer Authentication (SCA) for many online payments made by European customers. Strong Customer Authentication means that a payment must be authenticated by two out of three things: something you know, like a password, something you own, like your phone, and something you are, like a fingerprint.
PSD2 was originally scheduled for implementation on September 14, 2019, but has been delayed by 18 months. Businesses now have until March 2021 to become compliant.
This page is not a comprehensive guide to PSD2 and SCA. You can find many more detailed guides on the web. This page shows the readiness status of the various payment gateways used by Payage. If you have any information that would be useful here, please contact us.
For payment solutions where the user is redirected to a payment page on the payment gateway site (a hosted payment page), the payment gateway can upgrade the payment page to fully deal with the requirements of PSD2 and SCA without any involvement on the part of the merchant. This applies to PayPal and most of our other gateways.
For solutions where the user remains on your site and pays in a popup window, the situation is more complicated. Now, the payment gateway must engage in additional dialogues with the customer, on a non-PCI compliant site. Stripe have decided not to upgrade their popup solution and instead have introduced a new solution using a hosted payment page. Authorize.Net have also stated that they will not support PSD2 and will migrate accounts to CyberSource instead. We still do not know the status of the WorldPay Online gateway and will continue to search for information about it.
|PayPal has has lots of information about PSD2 and SCA. While the integration used by Payage, "Website Payments Standard", is not mentioned specifically, we believe that the information provided implies that the online checkout page will be upgraded as required.|
|Stripe has has lots of information about PSD2 and SCA, and it is clear that the original integration used by Payage, Stripe Checkout WILL NOT be PSD2 compliant. If you use Payage with Stripe in Europe you will need to upgrade to the "Stripe New Checkout" gateway addon.|
|Stripe New Checkout is a hosted payment page solution that is fully PSD2 compliant. Upgrading is easy. Please download the latest Payage user guide for more details.|
|Merchants with customers in Europe will need to migrate to CyberSource as detailed here. Authorize.net accounts will continue to work normally during the 18 month extension period.|
|Payplug has information about PSD2 here. The Payage integration uses the old API version, which will not be updated to support PSD2, and will eventually be retired. At present we have no plans to implement the new API, and we are considering dropping support for this gateway. If you use it, please contact us.|
|Barclaycard has lots of information about PSD2 and SCA. We haven't found anything specific about the integration used by Payage, "Barclaycard ePDQ Essential", but since it is a hosted payment page, we assume that the payment page will be upgraded.|
|Mollie has information about PSD2 here. The payment pages are now fully PSD2 compliant.|
|SagePay has committed to upgrading their gateway to support PSD2 "in a way that minimises the changes our customers need to make".|
|WorldPay has lots of information about PSD2 and SCA. There is no information specifically about the HTML Redirect Integration but since it is a hosted payment page, we assume that the payment page will be upgraded.|
|We have not found any information about the PSD2 compliance of the WorldPay Online integration which is a "popup" form, not a hosted payment page.|
|Skrill has some information about PSD2 here, although it does not provide any answers about the hosted payment page solution. We are considering dropping support for this gateway. If you use it, please contact us.|
|We don't think that payments with Bitcoin are affected by PSD2.|
|As far as we know, manually managed payments by cash, cheque, or bank transfer are not affected by PSD2.|