SCA events and exemptions
The table below identifies which customer actions require SCA. Contis as the regulated entity has full control over the use of exemptions and implements these where applicable.
CUSTOMER ACTION | IS SCA REQUIRED? | SCA EXEMPTION AVAILABLE? | NOTES |
---|---|---|---|
Account Login | Yes | Yes | If can only see balance or <90 days transactions, then SCA not required but 2FA SCA on login must have been performed in the last 90 days to use this exemption |
Change address online | Yes | No | |
Change mobile online | Yes | No | |
Card Spend – Contactless | Yes | Yes | Limited by amount of all consecutive Contactless transactions |
Card Spend – Online (includes stored card details) | Yes | Yes | Transactional Risk Analysis |
Bank Transfer/ Payment Out of Account P2P/Internal Transfers – Send via mobile no, email or username | Yes | Yes | Trusted Beneficiary, Low Value Limit |
Creation/changing a standing order | Yes | No | |
Trusted beneficiary added/changed/removed for payments/transfers | Yes | No | One payment to be made, before functionality available to customer |
It won’t be possible to predict for all transactions whether SCA will apply (or not), or if an exemption is available. For example, the low-value limit is set to EUR30, but not all amounts less than this will be exempted.
The use of exemptions is discretionary and also certain exemptions are only permissible where fraud levels remain under prescribed limits. Therefore, the use of exemptions is always subject to change by Contis.