Why have we made changes?
This Autumn, new requirements for authenticating online payments are being introduced in Europe, including Strong Customer Authentication (SCA) on 14th September. These requirements have been introduced by Governments and financial authorities to make payments more secure in order to prevent fraud and protect customers. To read more about SCA, take a look at our blog post.
Although an 18 month phase-in period has been granted to allow banks to implement the changes by March 2021, we're now fully compliant as some banks may require authentication straight away.
Now when you make an online payment, SCA requires you to verify that you are who you say you are. In Arbor, this means users or parents will need to complete an extra step to verify the transaction when making a payment through the Arbor MIS, Parent Portal or Arbor App.
Some small payments under £30 may be exempt from Strong Customer Authentication because they are low-risk. This means that users may not need to complete the extra step of authorisation for every transaction they make.
What are the changes?
At Arbor, we’ve introduced changes to the way we process card payments to become 100% compliant with the new regulations. You won’t need to make any changes - we’ve taken care of all that for you already!
When you click to make a payment, you'll first input the details for the payment you want to make. In the example below I am a parent topping up a meal account.
Next, a pop up will appear for you to input your card details into.
You must use a Visa or Mastercard. If you input the details of another type of card, this will be flagged to you and you will need to input the details of a Visa or Mastercard card.
If the expiration date has passed you will be made aware of this so you can choose another card to pay with.
Once the details are correct, click Pay.
If you try to proceed with the payment and it is unsuccessful, you will be informed of the reason and you will need to attempt the transaction again.
There are many reasons why a payment may be unsuccessful. For example, if the security code is incorrect, you will be made aware of this so you can choose another.
For the example below, there could be multiple reasons why the payment could not be authorised. You would be able to add new card details and attempt the transaction again.
If authentication is needed for the payment, you will be prompted to authenticate the payment using the method of authentication your bank supports. This could be:
- an SMS code,
- your mobile banking app
- another method
For example, here's what it may look like if you're using Monzo. (Please note, we are not affiliated with Monzo, this is purely an example)
Once we've been able to confirm your identity, the payment will be completed and your card will be charged. You'll see confirmation that the transaction has been successful.