UK Makes Contactless Payments Easier – Purchases up to £100 (~$140) Will No Longer Require Strong Customer Authentication
By Kai Zhang
Following consultation in January 2021 (CP21/3), the UK Financial Conduct Authority (“FCA”) published its decision, on 3 March (PS21/2), to increase the contactless payment limits under the Strong Customer Authentication (“SCA”) requirements. Essentially, SCA is not required for single contactless transactions up to the value of £100 (about $140) per transaction (increased from the previous £45 ($62)), subject to (amongst others) the cumulative transaction value threshold of £300 (about $420) (increased from the previous £130 ($180)). Once this cumulative threshold is hit, the contactless transaction must again be authenticated before the transaction can proceed. The cumulative threshold was initially proposed at £200 in the consultation but is set at £300 in response to the industry feedback (according to the FCA).
The FCA said that most respondents to its consultation welcomed the proposed increases. In response to the potential higher fraud risk raised by some respondents, the FCA noted that it had not seen evidence of such higher risk. The FCA further pointed out that in any event, the changes would simply remove regulatory barriers to offer the industry the flexibility and it would be up to firms to decide whether and how much to raise limits in practice based on fraud controls and monitoring.
The FCA does remind firms that where they decide to make use of the new limits, firms must ensure they sufficiently mitigate the risk of unauthorised transactions and fraud, including by having the necessary fraud monitoring tools and systems in place and taking swift action where appropriate. The FCA may take appropriate measures, including enforcement action, where breaches are identified.
For further information on the consultation, please see our full alert at: https://www.klgates.com/UK-Payments-Regulation-Changes-Are-Coming-2-17-2021