I’m sure that many of you are already well aware of recent changes affecting the security experience for cards, but I’ve noticed that there are still a lot of questions about what this will mean in practice, and I will be happy to answer as many as I can (as they relate to how Dozens is implementing the regulations).
To kick things off, please read our blog post:
The first change that we will all notice is an effect of SCA - Strong Customer Authentication. It means that contactless transactions will be limited to 5 ‘taps’ or a total of £135 (€150) before you will need to confirm that you still have the card.
The best way I have found to understand this is that it is similar to having a session on a website - you log in to prove it is you, but after a while you are automatically logged out so no-one else can come along and use your account on an unattended computer. If you want to keep shopping, then you need to log in again.
It will not affect TfL and some other tap-and-go transactions, but we will all have to get used to putting the card in the reader a bit more often than we have been used to recently.
The second is that we are rolling out 3DS for all customers - you may not see it yet for all online transactions, but it will happen for all shortly.
The point here is that since for some transactions, neither the customer NOR the card are present, and so to know the transaction is genuine, we will need to ask for confirmation using a second factor - such as sending you an SMS on your registered mobile, or getting you to log into the app.
The technical implementation will develop over time, but you will see this being requested more regularly soon.
If you have any questions or comments, please do let us know here and we will do our best to answer them