How can the payments industry prepare for SCA with biometrics?

Vince Graziani, CEO of IDEX Biometrics ASA, discusses how the adoption of biometric payment cards can enable retailers to balance the security measures needed for compliance whilst also delivering ease of use for the consumer.
Vince Graziani, CEO of IDEX Biometrics ASA, discusses how the adoption of biometric payment cards can enable retailers to balance the security measures needed for compliance whilst also delivering ease of use for the consumer.

Significant developments are afoot in the retail and payments industry, with vendors needing to prepare for Strong Customer Authentication (SCA). It’s set to be the most significant change to how people pay for things, not only online but also for card-present retailers across Europe. The deadline for compliance with the regulation has recently been extended again, this time to March 2022.

This is now the third time the deadline for retailer compliance has been pushed back, with the Financial Conduct Authority (FCA) worried vendors are not prepared for the new payment security approach. This raises the question, will SCA ever really take off?  Well, for retailers the extended deadline can be viewed in a positive light. The fact that there are now a further ten months to pilot and then launch their response gives retailers more time to adapt their authentication and verification tools. But it’s also a benefit for banks and payment providers too.

The ongoing delay to the SCA will give the payments industry extra time to prepare for the rollout of the directive so they can deliver a secure SCA payment option to consumers. If the payment ecosystem fails to use this time to prepare or implement the right technology to comply with this new ruling, it will open consumers up to a significant threat of card fraud.   

The challenges faced within the retail space

There has been a large amount of focus on the implications of SCA when shopping online; however, face to face purchases will also need to be revisited. Even when using a card physically, SCA will require two-factor authentication for every purchase made over the contactless limit. This additional layer of protection provides a more stringent authentication process that will help to keep millions of accounts safe from both traditional fraudsters and cybercriminals.

Two-factor authentication means that not only will the user need to provide their details when making a purchase, they’ll also have to confirm their identity with:

  • something they know (a PIN or password),
  • something they have (such as a smartphone),
  • or something they are (biometric face or voice features or a fingerprint).

Once implemented, this will be beneficial in protecting consumers, however, getting to this stage will be a challenge. The requirements are set to cause widespread disruption to the retail space. The introduction of SCA will require in-person merchants and card issuers as well as online Payment Service Providers (PSPs), such as PayPal and WorldPay, to have in place the technical enhancements and testing needed by the deadline.

Educating the shopping public on SCA

This presents a significant logistical challenge; maintaining effective fraud prevention while keeping an optimised customer experience is not easy. But perhaps the biggest challenge of all is that consumers themselves still aren’t entirely aware of SCA or what will be expected of them come March.

The introduction of SCA demands collaboration within the industry to educate consumers, but ultimately it is up to payment providers to provide a reliable, secure and SCA-approved method of payment to consumers. Providers must also ensure that the method they choose is not only up to standard but is affordable and accessible to all.

Preparing for the future of secure payments with biometrics

Biometric payment cards offer the answer for payment providers to help prepare for SCA. Not only will these cards – with inbuilt fingerprint sensors to verify ownership – provide strong customer authentication, but they also come with the added benefit of convenience. Validating your payment with a fingerprint speeds up the transaction process and removes the requirement of PINs or the use of a smartphone.

Biometric fingerprint payment cards offer banks and payment providers, an opportunity to embrace payment innovation that will help them meet these new secure forms of authentication with confidence and ease.

It is worth noting that some payment card manufacturers, such as IDEMIA, are already preparing biometric payment card solutions. These will be ready for banks and card issuers to adopt so they have the time they need to pilot and roll out the new payment method before the new SCA deadline is imposed.


The FCA has also outlined previously that long-term authentication through biometrics and mobile app-based solutions is the future of secure payments. The use of biometric payment cards to authenticate online payments will offer an important way for retailers to balance security measures that comply with the SCA regulation whilst also delivering ease of use for the consumer.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

eCMR: If not now, then when?

Gerry Daalhuisen • 17th July 2024

There have been several unexpected pit stops on the road to eliminating paper-based processes in logistics. But, is paper finally set to be a thing of the past?

Tackling Tech Debt

Wes van den Berg • 16th July 2024

5 years ago if you were a CIO without a cloud strategy you’d likely be out of a job. But making decisions in haste might mean businesses ended up with technology they regret, that doesn’t deliver on the promised value.

Laying the foundations for global connectivity

Waldemar Sterz • 26th June 2024

With the globalisation of trade, the axis is shifting. The world has witnessed an unprecedented rise in new digital trade routes that are connecting continents and increasing trade volumes between nations. Waldemar Sterz, CEO of Telegraph42 explains the complexities involved in establishing a Global Internet and provides insight into some of the key initiatives Telegraph42...

IoT Security: Protecting Your Connected Devices from Cyber Attacks

Miro Khach • 19th June 2024

Did you know we’re heading towards having more than 25 billion IoT devices by 2030? This jump means we have to really focus on keeping our smart devices safe. We’re looking at everything from threats to our connected home gadgets to needing strong encryption methods. Ensuring we have secure ways to talk to these devices...