One time passcode
From 14th September 2019, as a part of the Payment Services Directive 2 (PSD2), we’ll be introducing the use of One Time Passcodes (OTP) to complete online transactions and to access some services. This will allow us to better protect our customers against Fraud. Here’s a summary of how it works, and what you’ll need to do.
OTP is used when making transactions online and accessing online accounts. We’ll send a randomly generated six digit code to you via SMS or email. You’ll need to key in the OTP when prompted to continue, which must be used within 10 minutes before it expires. This will result in a more secure way for us to authenticate the cardholder identity.
To complete online transactions without disruption, all cardholders will need to provide us with a current mobile number or email address.
If this information is not provided, we won’t be able to deliver the OTP and authenticate the card user. This will prevent them from accessing their online accounts, making transactions online or carrying out any action through a remote channel .
If you received an email or letter from us regarding OTP, please provide the requested mobile numbers or email addresses on the attached form. Return the form to us according to the instructions given.
Alternatively, get in touch with us using the number on the back of your card.
We need to implement a range of technical standards to comply with the requirements of the Payment Services Directive 2.
Strong Customer Authentication (SCA) is one of the requirements. SCA is a secure way of identifying the payer (customer) each time they:
- Access their payment account online
- Make a transaction online
- Carry out any action through a remote channel.
This will allow us to better protect our customer against Fraud. SCA requires payers to complete two factors of authentication:
- First Factor - using card details (long card number, expiry date and CVV number)
- Second Factor - a One Time Password (OTP) verification.