Snippet: The go-live date for the revised PSD2 SCA requirement is 14 September. It’s not too late, though, and here a few pointers on how you can meet the compliance deadline.

The go-live date for the revised Payment Services Directive (PSD2) strong customer authentication (SCA) requirement is 14 September. Put another way, we’re at five minutes to the stroke of midnight for SCA implementation. It’s not too late, though, which is why I titled this blog post “Just in time”. Many financial institutions have already implemented the PSD2 SCA requirements, but there are still a number that need to take the final steps to meet the September deadline. Although every implementation is one-of-a-kind and every organization a distinct entity with a unique IT environment, there are some common points that any business should consider if it is to implement a PSD2-complaint SCA solution in what is now a very short time frame.

1. Define a clear project scope

Before you even think about starting a project, you need to define its scope. The more detail you can set down now, the smoother the implementation will be. In addition to listing the deliverables, describe the implementation process itself. How do you want to manage the project, for example? Will you use PRINCE2 or take an agile approach?

2. Determine your organization’s SCA requirements

Gather from key stakeholders all SCA requirements for your organization. Getting to grips with these – very clearly understanding and defining them – will help you select the right vendor and solution for your needs. You will also be able to include this information in the vendor proposal, providing clarity over your requirements at the start, and ensuring they are all met in the end. A project like this involves more than finding the best solution from a technical perspective or something “good enough for now” from a regulatory one. Important considerations could include your existing systems, other planned investments, anticipated changes in business strategy and product positioning, the user base, and budget, of course.

3. Choose the right implementation partner

With the PSD2 deadline so close, it would be prudent to select a technology partner with an off-the-shelf solution meeting all your requirements – and, crucially, those of the regulator. Our Transakt product, for example, offers a PSD2-compliant SCA solution already widely used across Europe and judged “state-of-the-art” by independent consultancies like Bonn-based SRC Security Research & Consulting.

4. Keep calm but act now

Although the clock is ticking ever more loudly towards the PSD2 deadline, it is important that you don’t make any overly hasty decisions. Don’t panic. Rush now and it may very well backfire on you later. An experienced vendor will aid you in making the most of the remaining time, as will a proven product with a short time to market. Entersekt’s end-to-end SCA solution generally takes between two and four months to final go-live.

Bottom line

Time is short. Find the right partner with an off-the-shelf-product to successfully implement your PSD2 SCA solution in time. Be thorough in your preparation, and you can’t go wrong!

Subscribe to our blog.

Sander Voorwinden


Sander is a no-nonsense Agile project manager with a pragmatic approach, and a calm and steady hand in stressful situations. By adapting quickly to challenging situations, his humor and perspective help motivate his team at Entersekt and bring projects to their succesfull conclusion.

Entersekt Logo

Entersekt is an innovator of customer-centric fintech solutions. Financial services providers and other enterprises rely on our patented mobile identity system to provide both security and the best in convenient new digital experiences to their customers, irrespective of the service channel. With us, they can concentrate on their innovation roadmap, while delivering intuitive, low-friction digital experiences to their customers.