PSD2 is essentially the new EU regulation for online payments. It stands for 'Payment Service Directive' and is labeled 2 because it represents the updated version of the rules. Originally set to come into effect on September 14, 2019, the implementation was postponed until January 11, 2021, in Denmark. These regulations were introduced with the goal of making electronic payments safer for both webshop owners and their customers.
The PSD2 regulations introduced a requirement for strong customer authentication (SCA), meaning that two-factor authentication will now be necessary for customers. Many are already familiar with this from services like MobilePay and 3D Secure, used with Visa and MasterCard. While this was already in place before PSD2, it is now mandatory for payments over €30 or 225 DKK to be approved using strong customer authentication.
When shopping online, there are two methods to authenticate your identity with two-factor authentication. You can either use your NemID or verify with a one-time code and a password. After accepting the terms and proceeding to payment, you should expect one of these methods to be used.
As part of the payment process, you will be required to enter your NemID username and password. Then, you must confirm the transaction through the NemID app or the NemID key viewer.
Important! You can no longer use the NemID paper card to approve online purchases.
During payment, you’ll receive a one-time code by SMS that you’ll need to enter along with a password you’ve set up. Don’t forget to check that the information in the SMS matches the purchase you're making.
Important! It’s best to use universal characters and avoid special characters such as æ, ø, and å when setting up your password.
In the image below, you can see the pop-up window that appears when you need to perform two-factor authentication for your payment. It will always open with the NemID option first, but if you have set up "SMS+code," you can select this option here. If you choose this, a new window will open where you can enter your personal code, after which you will receive a one-time code that must also be entered.
As mentioned above, all purchases over 225 DKK (€30) must be approved with two-factor authentication by the customer. Additionally, there are specific rules for subscription sign-ups. When a customer registers their card for a subscription, they must actually complete two-factor authentication at the time the card is registered.
Even if your subscription is only 99 DKK per month, the customer will face the validation process when they register their payment card. Once the card is validated at the time of registration, all future renewals will automatically be 3D-Secure. This means your customers won’t have to approve payments each time you process a charge or send a new subscription product.
First, we'd like to reassure you that by registering with pensopay, your payment solution will automatically comply with the latest regulations. However, if you'd like to double-check, there’s a simple action you can take to ensure your shop adheres to the rules. In your payment gateway, which you can log into here, there is a “filter” you can activate.
Follow these steps:
Once activated, your webshop is now fully compliant with the law.
If you're unsure about anything, you can always reach out to our support team at support@pensopay.com for help.
Make sure that your customers have access to information about SCA—it’s a small step that can greatly improve the customer experience. One simple way to do this is by adding a pop-up in the checkout that provides this information. This prepares your customers for the need to either log in with NemID or enter a one-time code to complete the purchase. In the end, it’s better to give your customers too much information than not enough.
It’s essential to assist your customers properly. The right information and guidance can ensure more sales. Here’s a checklist you can use if your customers have questions about the PSD2 regulations.
Always check:
1. Which browser are they using? Suggest they try using a different browser.
2. Is the card registered with NemID? You can register your card here.
3. What error did their computer report? If it’s an "unknown error," it could be the issue mentioned above, or it could be a small technical error with Nets. In such cases, you should advise them to try again.
They must use the key app or NemID key viewer from now on – the paper card has been discontinued and no longer works online.
If none of the above solutions work, we’re of course available at support@pensopay.com – remember to include the order number in the email so we can identify the issue.
Team pensopay