The European Association of Payment Service Providers for Merchants (EPSM) is urging European lawmakers to make clear that card payments with SCA will be out of the scope of the planned eIDAS 2.0 regulation.
EPSM urges clarity around proposed eIDAS 2.0
There should be no forced mandate to add expensive new hardware and software to the globally accepted card infrastructures “EMV Chip and PIN” (at POS terminals) and “EMV 3DS” (in e-commerce) according to the members association
EPSM became aware of the following statement from the banking sector only very recently: European Digital Identity (eIDAS 2.0) framework – Concerns about mandatory acceptance for payments, which refers to the currently planned wording in the ITRE committee of the European Parliament: REPORT on the proposal for a regulation establishing a framework for a European Digital Identity.
EPSM is urging the European lawmakers in the trilogue-phase to change the wording of the planned eIDAS 2.0 regulation concerning card payments.
In the current wording, card payments at the POS and in e-commerce with SCA adhering to PSD2 would be fully in scope – according to the wording of the present text.
Consequently, nearly all merchants in Europe would have to invest in expensive and complicated POS terminal updates or even would have to buy new, costly POS terminals.
The EPSM estimates that about 5 million POS terminals would be affected, with a total replacement cost of at least €250 per terminal. This would be a cost of more than €1 billion, and would have to be ultimately paid by all the merchants in the EU – from very large retailers to the smallest kiosk owner.
Also, for e-commerce payment transactions (card not present), the mandatory coverage of card payments would be very complicated and very costly to implement, especially as the planned eIDAS architecture will not use the globally introduced and established EMV 3DS standards.
Even in the scenario of very focused wallet payment applications, the technical details and the user experience are still open. Before any introduction of mandates, the planned wallets should be first thoroughly tested and piloted with end-users.
In detail, the EPSM supports the changes, similar to the recently proposed changes by other organisations:
Recital 31
(31) Secure electronic identification and the provision of attestation of attributes should offer additional flexibility and solutions for the financial services sector to allow identification of customers and the exchange of specific attributes necessary to comply with, for example, customer due diligence requirements under the Anti Money Laundering Regulation, [reference to be added after the adoption of the proposal], with suitability requirements stemming from investor protection legislation, or to support the fulfilment of strong user authentication requirements to verify the identity of the user (legal or natural person).
(16) Art. 12b.2
Where private relying parties providing services are required, by Union or national law, to use strong user authentication, to verify the identity of the user (legal or natural person), including in the areas of transport, energy, banking and financial services, social security, health, drinking water, postal services, digital infrastructure, telecommunications or education in particular with regard to the recognition of educational and professional qualifications, private relying parties shall also offer and accept the use of European Digital Identity Wallets and notified electronic identification means with assurance level ‘high’ issued in accordance with this Regulation.
“In the sense of “better regulation”, also in the interest of merchants and ultimately the European citizens, we hope that the European lawmakers will take note of these comments,” reads the final comment in the letter.
The post EPSM urges clarity around proposed eIDAS 2.0 regulation for card payments appeared first on Payments Cards & Mobile.
