The European Banking Authority (EBA) has published its final report on the amendments to the technical standards on the exemption from strong customer authentication (SCA) for account access under PSD2.
Read on that topic : What is PSD2?
The changes introduce a new mandatory exemption to SCA that will require account providers not to apply SCA when customers use an account information service provider (AISP) to access their payment account information, provided certain conditions are met.
The frequency for the renewal of SCA is extended from every 90 days to every 180 days, with the impossibility of imposing an extra SCA renewal during this period of time.
What does this mean for shoppers and members who share their data with trusted service providers like Spaycial? "This is a crucial factor for our members who were required to reconnect their bank account at least every 90 days for security reasons. The member was therefore bound to reconnect in order to continue to enjoy his benefits and in particular cashback. We noticed a real misunderstanding from our members about this 90 days time limit which was particularly short and affected the user experience", says Nurgül Sivasli, our Head of Legal.
She adds : "The stake on the business side is not neutral since it avoids us to follow up our members every 90 days to make sure that they still have access to the program."
This amendment will be submitted to the European Commission for approval, after which it will be submitted to the European Parliament and the Council for review before being published in the OJ. It will be then applicable 7 months after its entry into force.
Read on that topic : What is bank account agregator?