Question to the HM Treasury:

To ask Her Majesty's Government what consultation they have undertaken with banking and finance industry bodies about the new requirements for two factor authentication for online payments, in particular relating to (1) potential disruption to business continuity, (2) consumer confidence, and (3) the cost of additional time incurred.

Regulatory technical standards relating to Strong Customer Authentication have been introduced across retail banking and payment services. These set industry requirements regarding two-factor authentication, for which the Financial Conduct Authority is the responsible authority.

The FCA consulted ahead of making regulatory technical standards for strong customer authentication, and have taken steps to ensure that as far as possible retailers are ready, including working though UK Finance and engaging with retailer trade bodies. Recognising concerns about industry readiness, and to account for impacts of COVID-19, implementation for card-based e-commerce transactions was postponed in several stages, from September 2019 to March 2022.

The rules aim to ensure that the person requesting access to your account, or trying to make a payment, is either you or someone to whom you have given consent. This is in order to enhance consumer protection and improve security.