EN
Corporate

New rules for online payment suspended by 18 months

logo
Legal news
calendar 6 September 2019
globus Denmark

According to the Association of Danish Internet Commerce (DFIH) 14th September 2019 would have been a fateful day. On this day the last part of the EU Payment Directive PSD2 should have come into force. The directive sets, among other things, greater requirements for customer authentication (SCA) and thus requirements for online stores online payment systems.

Now the Financial Supervisory Authority has extended the period of another 18 months to implement the new rules on strong customer authentication in Denmark. The extension only applies to card payments on the Internet. The longer implementation period shall ensure that the transition to the new rules does not lead to the anticipated major disruptions to Danish e-commerce.

Higher requirements on customer authentication - safer online trading

The PSD2 rules from January 2018 aim to make electronic payments safer and avoid cases of abuse. Requirements for strong customer authentication involve two-factor authentication when making payments over the internet. The rules will affect businesses and traders engaged in online commerce.

The consumer must go through at least two of the following elements when approving an online payment:

  • Something the consumer knows (e.g. a password)
  • Something the consumer has (e.g. a credit card)
  • Something the consumer is (e.g. fingerprint)

From 14 March 2021 the web shops must be technically arranged so that the consumer must approve a payment with at least two factors, for example payment card and a confirmation code on SMS.

Initially, the rules were to enter into force on 14 September 2019, but FDIH has in recent months sought to postpone the rules, to allow online stores to implement the right technical solutions. Only recently the Danish Financial Supervisory Authority has announced that the rules will be postponed by 18 months to 14 March 2021.

Which payments are covered by the rules?

Not all online payments are covered by the new rules. Small payments under 30 Euro (DKK 225) will be exempt from extra approval. However, a two-factor approval must be made for every five transactions or where the total amount for several small payments exceeds 100 Euro.

In addition, fixed price subscriptions or recurring payments of the same amount to the same beneficiary are also exempt from the two-factor approval. Except for the very first payment.

Failure to comply with the new rules

As a business, you will be liable for any losses incurred in connection with any abuse if the rules cannot be complied to. In addition to this, the financial companies, and other players in the payment flow, have the right to reject payments that have not been made with two-factor approval and therefore one can risk losing their payments.

IUNO's opinion

At IUNO we believe it is important for internet businesses already to ensure that their online payment solution is ready for 14 March 2021, as the technical implementation can take a long time. It is therefore important that companies contact their credit card acquirer or payment solution provider and inquire about the technical implementation of the rules.

If you have any questions about the new rules or need our help, please do not hesitate to contact us.

Now the Financial Supervisory Authority has extended the period of another 18 months to implement the new rules on strong customer authentication in Denmark. The extension only applies to card payments on the Internet. The longer implementation period shall ensure that the transition to the new rules does not lead to the anticipated major disruptions to Danish e-commerce.

Higher requirements on customer authentication - safer online trading

The PSD2 rules from January 2018 aim to make electronic payments safer and avoid cases of abuse. Requirements for strong customer authentication involve two-factor authentication when making payments over the internet. The rules will affect businesses and traders engaged in online commerce.

The consumer must go through at least two of the following elements when approving an online payment:

  • Something the consumer knows (e.g. a password)
  • Something the consumer has (e.g. a credit card)
  • Something the consumer is (e.g. fingerprint)

From 14 March 2021 the web shops must be technically arranged so that the consumer must approve a payment with at least two factors, for example payment card and a confirmation code on SMS.

Initially, the rules were to enter into force on 14 September 2019, but FDIH has in recent months sought to postpone the rules, to allow online stores to implement the right technical solutions. Only recently the Danish Financial Supervisory Authority has announced that the rules will be postponed by 18 months to 14 March 2021.

Which payments are covered by the rules?

Not all online payments are covered by the new rules. Small payments under 30 Euro (DKK 225) will be exempt from extra approval. However, a two-factor approval must be made for every five transactions or where the total amount for several small payments exceeds 100 Euro.

In addition, fixed price subscriptions or recurring payments of the same amount to the same beneficiary are also exempt from the two-factor approval. Except for the very first payment.

Failure to comply with the new rules

As a business, you will be liable for any losses incurred in connection with any abuse if the rules cannot be complied to. In addition to this, the financial companies, and other players in the payment flow, have the right to reject payments that have not been made with two-factor approval and therefore one can risk losing their payments.

IUNO's opinion

At IUNO we believe it is important for internet businesses already to ensure that their online payment solution is ready for 14 March 2021, as the technical implementation can take a long time. It is therefore important that companies contact their credit card acquirer or payment solution provider and inquire about the technical implementation of the rules.

If you have any questions about the new rules or need our help, please do not hesitate to contact us.

Receive our newsletter

Aage

Krogh

Partner

Similar

logo
Corporate

23 March 2022

Changes to the Danish Sale of Goods Act: Guarantees

logo
Corporate

2 March 2022

What do the sanctions against Russia mean for your company?

logo
Corporate

23 February 2022

Overview: New rules for sale to consumers

logo
Corporate

13 December 2021

How to avoid illegal shareholder loans

logo
Corporate

1 December 2021

Now companies are not allowed to receive cash payments of more than DKK 20,000

logo
Technology HR-legal Corporate

2 November 2021

Joint whistleblower schemes for multinationals

The team

Aage

Krogh

Partner

Caroline

Bruun Ibsen

Senior legal advisor

Josephine

Gerner Amaloo

Legal assistant

Karoline

Skak Kristensen

Legal assistant

Madeleine

Grønning Madsen

Legal assistant

Mai

Haaning Kristensen

Legal assistant

Matilde

Grønlund Jakobsen

Senior Associate