The introduction of two-factor authentication for home shopping credit card purchases was completed this spring
Published: 26 April 2022
Two-factor authentication is a statutory requirement for electronic payments and bank transfers. It requires something the customer has, something the customer knows and/or biometric data, such as a fingerprint. This extra-secure authentication process has recently become the norm for credit card payments made while shopping from home.
From 1 January, two-factor authentication is also mandatory for credit card purchases made while shopping from home
Two-factor authentication for electronic bank transfers and payments has been the norm since September 2019. For home shopping credit card payments, the introduction was temporarily delayed to give retailers, transaction processors and banks enough time to update their systems. New techniques have also been introduced in various parts of the payment chain.
Two-factor authentication is not mandatory for low-risk transactions
As with contactless payments in shops, which often donot require the customer to enter their PIN code, there are also exemptions for online shopping. This is the case, for instance, for small transactions (under 30 euros), recurring payments, payments to trusted counterparties, or – under strict conditions – if a transaction risk analysis is conducted. In transactions without authentication, the buyer is not liable for any misuse of their means of payment.
The implementation process has not been completed at the same time in all countries
In the Netherlands, people are already used to two-factor authentication involving security devices and mobile banking apps. Since this was not the case across the entire Eurosystem, the implementation process is taking longer in some countries than in others. Some international retailers may still not have implemented all the mandatory measures. If this is the case, purchases can only be made using a different payment method.