Is strong customer authentication working?
Entering a one-time password to complete an online transaction is now mandatory, so is strong customer authentication working? Or have fraudsters simply changed tactics?
Anyone who has shopped online recently will have already become accustomed to the extra step of having to receive and then use a one-time password (OTP) or log onto their mobile banking app to approve a purchase.
This strong customer authentication (SCA) step became mandatory in March, as ecommerce providers were obliged to ensure customers prove their identity through something they know (a password) and something they own (their mobile phone).