I’ve got an email from my (not-Monzo) bank that they “will be making contactless payments more secure”, and concretely, “After you make five contactless payments in a row (or once your payments have totalled £135) you’ll be asked to enter your card in the machine and enter your PIN.”.
They say that they have to do this because of the Payment Service Directive II regulation / Strong Customer Authentication.
I know a bit about SCA, I know that payment providers like Stripe have to implement it and it means that when e.g. credit card details are stored, they need to make sure that the customer is really the customer, and from time to time there might be a confirmation necessary by authenticating again.
But my question is now: Does the “Payment Service Directive II” really mandate that for contactless payments you now have to put card & PIN every fifth transaction? This would make contactless payments kind of useless and I have a hard time believing that. I more feel like the regulations are probably indeed getting stricter in some abstract way but my bank is overdoing it here.
Does Monzo plan to (have to?) do something similar? If they did not, that would be a significant argument for me to switch to Monzo (hence I am posting this on these forums).
Contactless payments are so convenient, and if you have to put the card into the machine every freaking fifth time, that just made contactless payments so much less useful and convenient.
For that reason, I can’t really believe that these regulations would mandate such a strong requirement for contactless payments, and I am guessing my bank might be overdoing it here (all in the name of security)…?