What are the Payment Services Directives and Strong Customer Authentication?
The Second Payment Services Directive (PSD2)
This is a new EU directive regulating payment services in the European Economic Area. The directive requires new measures that impact how you access your account and pay with PayPal.
Strong Customer Authentication
It introduces two-factor authentication for online transactions, known as 'Strong Customer Authentication' (SCA). For online transactions in Europe and the UK, this extra security is coming to help keep online card purchases more secure and prevent fraud.
What changes will I see when using PayPal?
Most of the time you'll log in or pay with PayPal by entering your email address and your PayPal password as usual. We may sometimes ask you to confirm your identity. The easiest way is via the PayPal App. Make sure you authorize push notifications from the PayPal App. Click here to download the PayPal App. You'll also have the option to enter a one-time passcode which we will send by SMS to the phone number you've registered with us; or via a phone call if you have a landline.
What do I need to do?
Check that your current telephone (mobile and/or landline) number is correct in your PayPal account Profile. If we need to ask you for a one-time passcode we can send it by SMS to your mobile phone number or via phone call to your landline, so your payment or login won’t be delayed.
For easy authentication, you can also download the PayPal app. If we need to confirm your identity, you can open the PayPal App to provide confirmation.
When will I need to enter this code? Do I need to do it every time I log in or pay?
Most times, we'll be able to verify your identity using the PayPal password you’ve typed and the device you're using (if it’s one of your usual devices). So, you may continue to login to your PayPal account or pay with PayPal as usual, using your email address and your PayPal password.
Where can I get this additional code? Isn’t it the same as my PayPal password?
No, the one-time passcode isn't the same as your PayPal password. We'll send you a one-time passcode by SMS or via a phone call to your landline each time we need a stronger verification of your identity. It’s important that you keep your phone details up to date in your PayPal account Profile to make sure this can work.
What is “Confirm using PayPal app”?
When you choose to "Confirm using PayPal app", we will send a push notification on your mobile phone that is typically used to access PayPal. If the notification doesn’t appear by itself, open the PayPal app from your phone and the verification prompt will appear on your mobile app to complete the process.
If that doesn’t work either, click Try another way on the web screen and retry or choose another challenge to complete the authentication process.
I've already enabled 2-step verification on my PayPal account, will I see changes?
2-step verification is authentication that complies with SCA. Hence, you won't see any changes when logging into your account. However, if you decide to disable 2-step verification, please make sure you have an up-to-date phone number in your profile before.
I don’t have a mobile or direct landline number to link to my PayPal account. Is there another way to verify my identity when logging in?
In order to continue to access your PayPal account in compliance with PSD2 regulations, you'll need to enable the 2-step verification setting from your settings profile page. This setting allows for more SCA compliant verification options. At this time, 2-step verification offers Mobile and Authenticator App.
What are Authenticator Apps and Security Keys?
An Authenticator App generates a one-time passcode that you can use to sign in along with your password when you log in. After you download the authenticator app to your phone or desktop, scan the QR code displayed or enter the unique serial key on paypal.com to link them to your PayPal account. Once set up, the authenticator app will provide a one-time passcode that changes periodically.