Shopping online in the UK is changing - here's what you need to know

Online Shopping
(Image credit: Pickawood / Unsplash)

UK shoppers will now face more security checks when making an online purchase under new customer protection rules.

From today (March 14, 2022), ecommerce shoppers will face mandatory multi-factor authentication in an attempt to cut down on fraud and online crime, making sure consumers don't get scammed.

The changes, which will also apply to face-to-face shopping, will make completing a purchase a little bit longer and slightly more fiddly, but it's nothing to be concerned about - here's all you need to know.

What has changed?

The new Strong Customer Authentication (SCA) requirements will now mean you'll go through an extra step when making a purchase, effectively designed to make sure you are who you say you are.

They've actually been in place since March 2020, but will now become mandatory, with all retailers needing to ensure they have the systems in place.

After adding your payment information, and in some cases potentially after clicking a Buy or Purchase button, you'll then be asked to provide an extra piece of information to confirm your identity.

This could be a biometric scan of your fingerprint, a piece of information such as a full or partial password or code phrase, or an alert on a separate device, such as an SMS text message sent to your phone, or an automated phone call. If you are unable to complete this, the transaction will be declined.

Many users will already be familiar with such steps, which have been common sights in online banking and finance apps for some time, but the systems will now be much wider spread than ever before.

In-person shopping will largely still rely on chip-and-pin security protection, which is covered by SCA, so there's no big changes there.

SCA is part of the second Payment Services Directive (PSD2), which looks to add extra layers of security to electronic and online payments. PSD2 applies to the European Economic Area (EEA) covering most of the EU, and also the UK.


(Image credit: Pixabay)

Why is it changing?

Cybercrime is sadly a rapidly-growing concern for consumers and businesses alike, with proceeds growing during the pandemic.

Industry body UK Finance found that £1.6 billion of fraud was stopped in 2020, but the pandemic meant that 2021's figure could be even higher as more consumers turned to online shopping.

UK Finance had found that losses from bank transfer scams grew 71% to £355 million during the first half of 2021, the equivalent of almost £2 million a day. Impersonation scams also rose 123% in the first six months of 2021 compared with the same period in the previous year.

SCA rules were first announced in 2019, but companies were given extra time to implement the rules due to the effects of the pandemic, with March 14, 2022 now the final deadline.

Leading payment providers are already well prepared to help consumers deal with the change, with the likes of Visa, Mastercard and Stripe offering a range of services for both groups.

If your business still needs more advice or guidance, the FCA has an online portal with all the information here.

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.