Online security changes
New requirements for authenticating online payments have been introduced as part of the second Payment Services Directive (PSD2).
Find out more

Strong Customer Authentication (SCA)

Strong Customer Authentication (SCA) is one of the key requirements of PSD2, a new European regulation which came into force in September 2019.

SCA focuses on improving online security and reducing consumer fraud. Under the new regulations, you have greater protection when you make electronic payments or transactions, such as shopping or banking online.

How does it work?

SCA requires customers to prove their identity using two of the following three elements (also known as two-factor authentication):

Knowledge
Something you know
(eg password or PIN)
Possession
Something you have
(eg card or mobile phone)
Inherence
Something you are
(eg fingerprint or Face ID)

How does it affect me?

If you’re an Internet Banking customer, there will be an additional security check using SecureCall when you log on or make changes to your account.

If you use our Mobile Banking app, you will be required to enter your Passcode to add a payee, make a payment or make changes to your account.

The process to reset your Access Code is also changing. From Tuesday 4th June, please contact Customer Services to reset your Access Code.

Do I need to do anything?

Check your contact details
Please ensure your contact details are up to date and we have the correct mobile and/or landline telephone numbers for you. If we don't have the correct information then we'll be unable to authenticate you.

You can check what details we hold for you already by using 'Other Services' on Internet Banking and going to ‘Change my Contact Details’.

Download our Mobile Banking app

If haven't already, download our Mobile Banking app. It's the quickest and easiest way to manage your accounts.

mobile-panel-appstore.png mobile-panel-googleplay.png

FAQs

  • Why is SCA needed?

    Following a sharp rise in online consumer fraud in recent years, the European Commission intervened by placing SCA requirements on member countries as one of the core components of PSD2.

  • What kind of transactions are affected?

    SCA generally applies to customer-initiated electronic payments, such as card payments and bank transfers.

    However, not all transactions will require additional authentication. There are a number of exemptions, listed below:

    • Trusted beneficiaries (verified payees)
    • Recurring payments (the initial setup will require SCA)
    • Low value or low risk transactions
    • Contactless payments
    • Unattended terminals (parking and transport)
    • Secure corporate payments

    Additionally, direct debits, mail / telephone orders or transactions where either the Issuer or Acquirer is located outside the European Economic Area (EEA) are not affected.

  • When will the changes take effect?

    Updates to our Internet Banking service will take place on Tuesday 4th June.

    An update to our Mobile Banking app will follow later in June. Further details will be communicated to customers.

  • What is SecureCall?

    SecureCall is a fraud prevention feature of Internet Banking which is designed to help protect you and your money from online fraud.

    You may already be familiar with SecureCall as we use it to verify payments to new payees. From June, it will also be required when you log on or make changes to your account.

    You can read more about SecureCall on our Help & Support pages.

  • Will I still need to use my Memorable Word to log on to Internet Banking?

    No, as part of the SCA changes your Memorable Word will no longer be required to log on to Internet Banking. This step will be replaced by SecureCall.

  • What do I do if I've forgotten my Passcode for the Mobile Banking app?

    You can reset your Passcode for the Mobile Banking app by registering your device again. Simply select 'I forgot my Passcode' from the log on screen in the app and follow the instructions.

    To reset your Passcode using the app, you will need your Customer Number and Access Code which you use to log on to Internet Banking.

  • How do I update my contact details?

    You can update your landline number on Internet Banking or over the phone if you have your registered mobile to hand. To update your mobile number, you can visit a local branch, send us a signed request to Investment Services, Cumberland Building Society, Cumberland House, Cooper Way, Parkhouse, Carlisle, CA3 0JF or by email to help@cumberland.co.uk.