SCA EN

  • Make sure that you have the latest version of MyBRD Mobile application. Check the application market on your smartphone (Google Play for Android and App Store for IOS) if MyBRD Mobile has the “Update” option and make this update.

  • On the smartphone where MyBRD Mobile is in installed, make sure that you have checked the permission for receiving notifications (Android: Settings → Applications → Search “MyBRD Mobile” → Notifications-allowed; IOS: Settings → click MyBRD Mobile from your applications list → check Allow Notifications).

  • On the smartphone where MyBRD Mobile is installed, make sure you've registered your biometric data: fingerprints and facial recognition so you can use it in MyBRD Mobile (Android: Settings → Biometrics and security → Fingerprints; IOS: Settings → Face ID and Passcode).

  • Make sure that in MyBRD Mobile application, “Settings” menu, “Feed settings”, you have checked all the options in “Select feed item to show” menu.
  • Make sure that in MyBRD Mobile application, “Settings” menu, you have checked the “Fingerprint” option, both for Android and for IOS.

As of September 14, 2019, the PSD2 directive of the European Union was implemented, requiring Strict Customer Authentication for all electronic payments. The directive aims to protect users by requiring financial service providers to use at least two of the three existing types of identity authentication to validate payments. Authentication methods are either based on knowledge (e.g .: passwords), possession (e.g .: SMS) or identity (biometric authentication, e.g .: fingerprint). Thus, electronic payments will require authentication by using at least two of the above elements.

Strict customer authentication requirements apply to all payment cards issued in the European Economic Area and to merchants and service providers established in the European Economic Area.

During the online payment, as before, you will have to enter the card details and click on the payment button. In the next step, you have two validation methods:

  • You receive a push notification from MyBRD Mobile on your smartphone and you must access it right upon receipt. Then, all you have to do is validate your payment by signing in with your biometrics (fingerprint or facial recognition) or PIN, and the amount will be locked into your account.Here you can see the screens of an online card transaction with MyBRD Mobile authentication

  • As an exception, if you do not have a smartphone or do not have MyBRD Mobile, you will be able to authenticate with a unique SMS code, to which you will add an additional password that only you will know

It is good to know that there may be exceptions in which you will not be asked to validate the payment.

Because push notifications from MyBRD Mobile require an internet connection, you will not receive the push message, but you can validate the transaction using a unique SMS code, to which you will add an additional password that only you will know.

You will not be required to enter your card details again, but authentication will be mandatory, unless when BRD applies exemptions.

We expect the strong customer authentication for online shops and merchants in the European Economic Area to reduce the fraud of such payments. However, it is still recommended to block your card if you detect any suspicious activity.

The second directive of payment services, respectively its transposition into national legislation, Law no. 209/2019, introduces new rules regarding contactless payments, for which the strong customer authentication is requested, as follows:

  • after 5 consecutive contactless transactions without PIN, the next one (the 6th transaction) will be mandatory performed with PIN;

  • when the cumulative amount of consecutive contactless transactions performed without PIN, exceeds 150 EUR (or equivalent in RON), the next transaction will be mandatory performed with PIN.
    • It might occur that a POS terminal is not yet updated according to the new regulations. In this case the payment can be rejected, although the card is active and functional. Should this happen, you just need to perform the payment by inserting the card in the POS terminal and using the PIN.

According to the regulations in force, there may be situations in which authentication is not required during the payment process, such as: in the case of cards previously saved in merchants' applications / websites, recurring payments, subscriptions but also depending on the payment history to the merchant concerned or the amount of the payment.