Strong Customer Authentication

From 14th of September, a new EU payment directive (PSD2 SCA) will take effect. In line with this directive, the security requirements for certain payments within the EU/EEA will be higher. The purpose of these regulations is to reduce the chance of fraud. Be aware that this may have an impact on how you as a customer carry out your payment, because a strong customer authentication may be required.

What does ‘Strong Customer Authentication’ mean?

When EnterCard receives payment instructions, it is important for us to know who initiated the payment. In order to have control over this, EnterCard asks you to authenticate yourself. Strong Customer Authentication is when a combination of several components (e.g. maiden name, characteristics and possessions) are used as identification criteria. This strengthens your protection against unauthorised transactions.

An example of Strong Customer Authentication is signing in through BankID (Norway & Sweden) or NemID (Denmark) on your phone. BankID and NemID are solutions for secure identification. You can use your phone number, Social Security Number and personalised PIN code to sign in.

Read more about BankID and NemID here:

Which payments will the Strong Customer Authentication regulatory cover?

  • Payments made on the internet within the EU/EEA.
  • Payments made in physical stores within the EU/EEA.
  • Payments done with mobile phones/smartwatches i.e. (Apple Pay, Samsung Pay, Google Pay etc.) within the EU/EEA.

The most important changes:

  • When shopping in a store or online you may need to identify through e.g. BankID/NemID or PIN code.
  • The payment may be declined if a store or web store does not comply with the new regulations.

What you must do:

  • You must ensure that you know your payment cards PIN code. If you forget the PIN code, you can recover it in your ‘My Page’/Netbank solution provided by your card issuer.
  • If you are shopping online, be sure to have access to BankID Norge / BankID Sverige / NemID.

What does this mean for you?

  • The most significant change is that the solution to do purchases online (including apps and webpages) without some sort of additional verification of ID will no longer be possible.
  • You may need to use PIN code more often when doing purchases in stores in Sweden and Denmark.
  • In some countries, customers used to have the opportunity to identify themselves by signing the receipt if they for example had forgotten their PIN code. This will no longer be possible after the regulation takes effect. Therefore, remember your PIN code.
  • Contactless payment will still be available up to a certain amount without using your PIN code.
    • Each country has local rules. Consult your local card issuer/customer service on what amount applies in your country.

Always be aware of

  • Always carry relevant contact information such as phone number and e-mail address.
  • It is still important to be aware in order to avoid fraud. If someone encourages you to sign into ‘My Pages’ using BankID, NemID or other identification methods, do not comply.

Never lend your card or card credentials such as PIN code, card code (16 digits) and CVC/CVV code to anyone. This also applies if the service provider seems legit. You should always contact EnterCard if you are in doubt: