ONLINE SHOPPING (SCA)

PSD2

THIRD PARTY ACCESS

Your online shopping is now more secure

With the application of SCA, to be able to make online purchases with a card you will need:

  • A message/notification that we will send to your mobile phone.
  • Your access codes.

What is SCA (Strong Customer Authentication)?

Stronger authentication is one of the main measures introduced by the European Directive 2015/2366 on payment services in the internal market, known as PSD2.

The aim of this measure is to strengthen security in online shopping. For this reason, in some cases we will send a message/notification to your mobile phone with a link that will redirect you to the Bank's identification page, where we will ask you for the password you use to access your Online Banking.

These new security measures help to make your online payments even more secure, so you can do your shopping with complete peace of mind, which is why it is very important that we have all your details up to date.


What changes when you shop online?

You will be able to continue shopping normally, however, it is possible that from now on:

  • Once you have entered your card details on the shop's website, sometimes, in order to complete the purchase, a new page will appear where you are informed that you will have to identify yourself. Press "continue".
  • You will receive a message on the telephone number you provided in the Digital Banking Agreement, with a summary of the transaction. This notification will include a link that will redirect you to the Bank's identification page.
  • Once you click on the link we have sent you, you will be asked for the password to identify yourself and confirm payment.

However, the regulations provide for certain exceptions, which the Bank is entitled to apply, allowing you to complete the purchase without going through this process, therefore, sometimes you will not receive this message/notification when shopping online.


As a customer, what do I have to do?

In order to continue shopping online, it is essential that your data in Banco Santander is up-to-date (telephone number associated with the Digital Banking contract and Online Banking access code), so that you can receive the message/notification that will allow you to identify yourself and authorise online purchases and/or access to the App and Online Banking.


And how do I do that?

If you are already a customer who uses our digital channels (Online Banking or App):

  • If you use our digital channels and you receive an SMS code for certain transactions, you don't need to do anything. We will keep sending you a code to your mobile phone for the transactions that need it.
  • If you visit our Online Banking or App, but you do not usually perform transactions that require a confirmation code, make sure we have your current phone number that is linked to your digital banking contract. We will notify you so you can do it online. And, of course, you always have our network of branch offices where you can confirm this.

If you are a Banco Santander customer but do not yet use the digital channels:

  • If you don't remember your password, don't worry, you can go here to recover your password.
  • If you still don't have a password, register for Online Banking so you can start operating and shopping online and enjoy a world of advantages wherever you happen to be, get your access code.

You can also request your access code for Online Banking and start enjoying the advantages and convenience of operating via the Internet.

You can always rely on our network of offices for anything you may need.

Find out how PSD2 affects you

From September 2019 you will also need your code and telephone number in order to access your Online Banking and the Santander App.

  • Your access code + A code that we will send to your mobile phone.

Find out about the new PSD2 regulation

PSD2 (the Second “Payment Services Directive”) is the European Union (EU) legislation that regulates the provision of payment services and electronic payment transactions.

This legislation is intended to ensure that payment service users benefit from the advantages offered by innovation and technology to make financial transactions even more secure.

One of the measures included in the law is Double Authentication or SCA.


What else should I know about PSD2?

Two new bodies are regulated under PSD2:

  • The “AISP” or “Account Information Service Providers”, that allow access, always with the client's authorisation, to their accounts, even if they are held at different banks, to see their activity, and to display this information in an aggregated form (in the same application or screen).
  • The “PISP” or “Payment Initiation Service Providers”, that allow a payment to be made from the consumer's account to the merchant's account.

PSD2 allows Banks to provide Account Aggregation and Payment Initiation services, but also allows other non-Banks (Third Party Providers or TPPs) to be Initiators/Aggregators.

If you engage TPPs, you will be giving them permission to access the activity of your accounts, or you will allow them to initiate a payment from one of your accounts, so it is very important that you always have confidence in whoever you hire to provide these services.

At Banco Santander we recommend that you read all the information before clicking and accepting the conditions.

Remember that giving access to your bank details can involve giving access to a lot of information about your life: what you spend money on, how much and when you spend it.

If you decide to allow access to your transactions, we cannot be responsible for any use that third parties make of your data.

Access to accounts by third party providers

In compliance with Royal Decree-Law 19/2018 of 23 November on payment services and other urgent measures in financial matters and following the specifications of the Commission Delegated Regulation 2018/389 of 27 November 2017 which supplements Directive (EU) 2015/2366 of the European Parliament and of the Council with regard to regulatory technical standards for strong customer authentication and common secure open communication standards, Banco Santander as a payment service provider account manager, gives access to payment initiation service providers, account information providers and payment service providers that issue card-based payment instruments to their systems through a specific interface.

To facilitate the access of these third parties to the interface, a dedicated area is provided, where they can access:

  • The technical documentation of the specific interface in various formats.
  • A test facility to carry out functional and connection tests.

In addition, if assistance is required, a support team is available which can be contacted through the following channels:

  • Email (after downloading and completing this form). Depending on the type of incident, the following contacts are available:
  • For questions concerning the testing facility or Sandbox: psd2.sandbox.soporte@redsys.es.
  • For questions concerning the production facility: psd2.hub.soporte@redsys.es.
  • Telephone: 917 282 321, Monday to Saturday, 08.00h to 22.00h.

Statistics on performance and availability of the dedicated interface (PDF 18.05 KB).

Statistics on performance and availability of the dedicated interface - International Branches (PDF 64.69 KB).

You might be interested in

×
${loading}
×