On the 14 of September, Strong Customer Authentication comes into force as part of the EU Payment Services Directive (PSD2).
For customers, this means that payment will be even more secure. If they want to pay online, they will have to authenticate their payment using two different factors.
These could be, for example, a password, a transaction authentication number (TAN), or their own fingerprint. This will also change the payment process for Zalando customers, especially for credit card payments. We have extensively tested the process and are one of the first ecommerce companies to introduce it.
PSD2 in a nutshell
The EU Directive PSD2 applies to all-digital payment methods. The look and feel of the authentication experience for the individual customer are determined by the respective bank. According to the new directive, three groups of factors are used for authentication. These are:
- Knowledge (e.g. password),
- Possession (e.g. a smartphone, a one-time password) and
- Inherence (e.g. fingerprint).
For each payment, two factors from different groups must be acquired. Two-factor verification helps customers make their online purchases even more secure.
Currently, customers use their credit card number, expiration date and Card Verification Value (CVV) to verify the possession of that credit card. Many new features have been introduced including fingerprinting as an additional biometric authentication factor.
Zalando say after their customers have decided on a payment method and stored the corresponding information, the data is encrypted and transmitted to their customer’s bank. This secure data transfer is made possible by the technology provided by the Adyen payment platform.
The bank sends a customer notification about the additional authentication of the payment. By clicking on the message, the customer arrives at their bank app and is asked to confirm the payment with their fingerprint. After successful verification, they are automatically redirected back to Zalando’s checkout process. The order is then successfully completed.