PSD2 and changes to how you'll use your cards
In line with requirements of the updated Payment Services Directive (PSD2), you'll soon notice changes when you buy things online or log into ClearSpend, CardsOnline, Intellilink or Smart Data.
You may also notice that you're asked to enter your PIN more often when you make a contactless payment.
From September 2019, you'll be asked to enter your PIN when the cumulative value of low-value contactless transactions exceeds £130.
This is reset each time you enter your PIN, so if you regularly make single purchases that total more than £30, you may not notice any changes.
As of September 2019, you'll need to complete 2-factor-authentication when you spend more than £30 in a single online transaction. You'll also need to do this if you spend £90 or more since you last authenticated.
Your existing card details can serve as the first factor of authentication. We'll then send you a one-time-passcode to input and complete the transaction. The one-time-passcode is a randomly generated set of numbers, sent via SMS.
Occasionally we can send the code via email, but as this is less secure, we try to avoid this where possible. The one-time-passcode will be unique to the individual transaction and will automatically expire after 10 minutes.
We need you to check that the bank has your up-to-date mobile number ahead of the September deadline. If we don't, you may not be able to complete certain transactions when these changes are made.
You'll also need to complete 2-factor-authentication when you use our digital tools. Each application will ask you to do this in a slightly different way.
Select an application to see an overview of the changes we are making to that tool.