[2] However, with the approval of the European Banking Authority,[3] several EEA countries have announced that their implementation will be temporarily delayed or phased,[4][5] with a final deadline set for 31 December 2020.
[10] On 31 January 2013, the European Central Bank (ECB) issued recommendations on Internet payment security, requiring strong customer authentication.
Subsequently, the European Commission drafted proposals for an updated Payment Services Directive including this requirement, which became PSD2.
noted that many UK banks were implementing SCA by requiring a phone capable of receiving a text message or push notification.
[15] In 2020, an independent report conducted by consultancy firm CMSPI found that the potential disruption caused by strong customer authentication (excluding the United Kingdom) could be €108 billion in 2021.