The Revised Payment Services Directive (PSD2) will require Strong Customer Authentication (SCA) for many online payments made by European customers. Strong Customer Authentication means that a payment must be authenticated by two out of three things: something you know, like a password, something you own, like your phone, and something you are, like a fingerprint.
PSD2 was originally scheduled for implementation on September 14, 2019, but has been delayed by 18 months.
This page is not a comprehensive guide to PSD2 and SCA. You can find many more detailed guides on the web. This page shows the readiness status of the various payment gateways used by Payage. We will update this page regularly as September approaches. If you have any information that would be useful here, please contact us.
For payment solutions where the user is redirected to a payment page on the payment gateway site (a hosted payment page), the payment gateway can upgrade the payment page to fully deal with the requirements of PSD2 and SCA without any involvement on the part of the merchant. This applies to PayPal and most of our other gateways. However, for solutions where the user remains on your site and pays in a popup window, the situation is more complicated. Now, the payment gateway must engage in some new dialogues with the customer, on a non-PCI compliant site. Stripe have decided not to upgrade their popup solution and instead have introduced a new solution using a hosted payment page.
For now we assume that all of the hosted payment pages will be upgraded and require no involvement on our part or yours. However, we do have concerns about the other "popup" solutions, Authorize.Net and WorldPay Online and will continue to search for information about those. Here's the latest information we have about each supported gateway:
|PayPal has has lots of information about PSD2 and SCA. While the integration used by Payage, "Website Payments Standard", is not mentioned specifically, we believe that the information provided implies that the online checkout page will be upgraded as required.|
|Stripe has has lots of information about PSD2 and SCA, and it is clear that the original integration used by Payage, Stripe Checkout WILL NOT be PSD2 compliant. If you use Payage with Stripe in Europe you will need to upgrade to the "Stripe New Checkout" gateway addon.|
|Stripe New Checkout is a hosted payment page solution that will be fully PSD2 compliant. Upgrading is easy. Please download the latest Payage user guide for more details.|
|Authorize.Net has not published any information about PSD2, however this page states that Authorize.net will not be supporting PSD2.|
|Payplug has not published any information about PSD2, however, since it is a hosted payment page solution, we assume that the payment page will be upgraded.|
|Barclaycard has lots of information about PSD2 and SCA. We haven't found anything specific about the integration used by Payage, "Barclaycard ePDQ Essential", but since it is a hosted payment page, we assume that the payment page will be upgraded.|
|Mollie has not published any information about PSD2, however, since it is a hosted payment page, we assume that the payment page will be upgraded.|
|SagePay has committed to upgrading their gateway to support PSD2 "in a way that minimises the changes our customers need to make".|
|WorldPay has lots of information about PSD2 and SCA. There is no information specifically about the HTML Redirect Integration but since it is a hosted payment page, we assume that the payment page will be upgraded.|
|We have not found any information about the PSD2 compliance of the WorldPay Online integration which is a "popup" form, not a hosted payment page.|
|Skrill has not published any information about PSD2, however, since it is a hosted payment page solution, we assume that the payment page will be upgraded.|
|We don't think that payments with Bitcoin are affected by PSD2.|
|As far as we know, manually managed payments by cash, cheque, or bank transfer are not affected by PSD2.|