PSD2 Directive

More peace of mind, more security

PSD2: The new EU payment directive ensures enhanced security when you carry out transactions with your accounts, make internet payments, shop online or use financial data aggregation services.

SCA (Strong Customer Authentication)

Two-factor authentication: the new verification system requires the combined use of two authentication mechanisms for online transactions with your account and cards as well as all internet payments.

How does two-factor authentication work?

A new process for greater security

With the new form of authentication, whether you're making your purchase through your computer or tablet, you'll always need your phone at hand to be able to complete payment.

It's therefore essential that you register your mobile phone number with Bankinter as your security signature.

You can do this in the 'My details' section of your private area.

This is how it works:

The first thing to do is the same as usual: enter your card details on the store website.
From now on, you will need your mobile phone to complete payment because you'll receive an SMS with a link directing you to a secure Bankinter page.
On the Bankinter secure page, you must enter your card PIN.
Done! You can go back to the store website to check the details of your purchase.

And if your phone has biometric recognition, it will be easier and just as safe.

If your phone has access by fingerprint, retina and iris or facial expression, the process is even easier and faster: when you make a purchase, you'll receive a notification and all you have to do to complete the transaction safely is unlock your phone and confirm the payment on the screen.

Female scanning fingerprint on smartphone, on gray background. Unlock mobile phone.; Shutterstock ID 579086326; Purchase Order: -

How to activate biometric recognition

Download the Bankinter app

If you have already downloaded it, update to the latest version. It's always important to use the latest version of the app, but now more than ever.

Activate notifications

Check that you've activated Bankinter notifications. If you haven't, activate them now.

Register your phone as a trusted device

For the registration to be effective and allow you to use this method for your online purchases, login via biometric recognition must have been activated for at least 15 days. We explain how to register your phone...

This is how to register your phone

Enter the "Mobile Payments" section of the app that you will find in the + button that appears when you select one of your cards.
Select “Add this device”.
Sign with the code we send you via SMS.

Compulsory adaptation to the two-factor authentication or strong customer authentication (SCA) system for online purchases is underway. Depending on your merchant type and virtual platform, you may need to make certain adjustments to comply with the requirements.

Merchants with terminals on Redsys platforms

If you still have a Virtual POS with non-secure e-commerce, you need to adapt your terminal to the relevant 3DS protocol. We'll tell you when the PSD2 directive enters into force for e-commerce and we'll adapt your terminal so you don't have to worry about it and can comply with the new directive.

Merchants with terminals on their own platform

If this is your case, please remember that although there is a deadline to give all participants time to adapt their systems to the new directive, you need to check with your service provider and make the necessary adjustments to your platforms so that they function securely and in line with new directive.

Transactions that don't require SCA

Certain transactions are excluded from the scope of the PSD2 directive:

- Payments initiated by the merchant without customer participation, such as recurring subscription payments.
- Mail order or telephone order payments (MO/TO).
- Non-payment transactions, such as card validation for €0.
- Merchant or card transactions outside the EU.