The Danish Financial Supervisory Authority extends the deadline for implementing Strong Customer Authentication by 18 months

12 Sep 2019
However, the extension does not change that the rules on strong customer authentication will enter into force on September 14, 2019.

The Danish Financial Supervisory Authority (FSA) has chosen to allow an extended period of 18 months to 14 March 2021 to implement the new rules on strong customer authentication (SCA) in Denmark. The extension only applies to credit card payments on the Internet. The longer implementation period shall ensure that the transition to the new rules does not have a disruptive effect on Danish e-commerce.

The decision of the Danish FSA to extend the implementation period of the EU rules on strong customer authentication (including requirements for two-factor authentication for e-commerce) is made on the basis of an opinion of the European Banking Authority (EBA) which concludes that the entire e-commerce has trouble getting ready for the new rules in time.

The Payment and Liability Rules of the Payment Act remain in full force and effect

The Danish FSA emphasizes that the extended implementation period does not change the fact that the rules on SCA will come into force on September 14, 2019, although two-factor authentication will not become mandatory until March 14, 2021.

This is among other things relevant to the payment and liability rules of the Payment Act, where companies may be liable in fraudulent payments, if strong customer authentication is not used.

Below, you can read more about the importance of the new rules in the Payment Council's opinion as of June 2019, which was published before the implementation period was extended, and the press release from the Danish Financial Supervisory Authority here.

Lund Elmer Sandager’s Comments

With the extended implementation deadline for the requirement for strong customer authentication, companies that offer online payment have been given more time to get technically ready for the new EU rules. As the Payment and Liability Rules of the Payment Act still apply, and as the extension period does not change the strong customer authentication rules coming into force on September 14, 2019, we recommend that Online businesses implement a two-factor authentication on e-commerce platforms as quickly as possible.

Questions about the new EU Rules?

Avoid that your payment service becomes a burning platform and stay focused on the new EU rules on strong customer authentication. We are closely following the developments in this area and are ready to help with questions about the new rules and implementation hereof.

If you need help to ensure that you comply with the rules, you are always welcome to contact Attorney Anders Linde Reislev in Lund Elmer Sandager's IT law department.

Read the Payments Council's opinion here.

This website uses cookies

We use cookies to integrate with our video provider and for anonymized website traffic statistics.
Cookies are small text files stored on your device, which let's a vendor know not who you are, but that your visit across different pages in the website is from the same browser on that device, and hence probably from the same visitor.

If you at some point logged in or identified yourself on our site or at one of the third party services below, your personal data may have been associated with some of these cookies.

You may opt in of all non strictly necessary cookies.

Read moreRead less

Statistics cookies are used to create anonymous statistics of visitors interaction with the website.
Social media cookies allows us to integrate with well known social media platforms with the purpose of a mixture of marketing, statistics and social interactions on the third party platform.
Neccesary to display Vimeo videos
Neccesary to display YouTube videos