SCA Statement

This refers to the European Union Payment Services Directive 2015, replacing an earlier EU payment services directive in 2007. PSD2 came into force in January 2018. One of the new aspects included in PSD2 is to require payment service providers to ensure more effective security protections are applied to payments made by consumers.

SCA is the process that additionally validates the identity of you the payment service user when you log in to access online and mobile banking with our credit union, and for further services such as making payments or changing your address.

In that regard when accessing your account or approving certain actions, you will be required to authenticate yourself using two out of three of the following:

  • Something you know e.g. a password or PIN
  • Something you have e.g. a mobile device
  • Something you are e.g. a finger print or eye (biometric)

In summary SCA is the application of additional security features which are referable and unique to the identity of the payment service user when making online payments.

SCA applies to customer initiated online payments within the European Union. Most card payments and all credit transfers require SCA. Recurring direct debits are considered merchant initiated payments, and thus do not require SCA.

SCA will be applied when you effect any of the following actions through our CU Online+ Account Service:

  • Access your account
  • Initiate a payment
  • Initiate an action which may imply a risk of payment fraud e.g. creating a new payee

Under PSD2, SCA is mandatory for payment service providers and payment service users. To make this change easier, check that your mobile phone number and personal details are up to date on your cuOnline+ profile, or you can call into our office.