Strong Customer Authentication (SCA) — a requirement aimed at increasing the security of payments —  came into force on 14 March 2020 under the PSD2. All European payment services must comply with it. According to the requirement, ePayments has implemented the additional level of security. We have added the obligatory two-factor authentication for all important actions in the system.

To use our service, you need a device with the installed ePayments app (you can get it in App Store or Google Play). There you will confirm your login to the account, as well as your financial transactions and other important actions.

⚠ You won’t be able to use the ePayments service without a mobile device with our app.

How to link device

🛈 You can have only one trusted device

Via mobile app (preferred method) 

1. Log in via the ePayments app.
2. Reset your PIN code for the ePayments app.
3. You will be automatically redirected to the page asking to make your device trusted. Click Confirm. 

Here we go! Your mobile device is trusted now.

Via website

1. Log in to your account in ePayments. You will see the page with the QR-code.
2. Open the ePayments mobile app. DO NOT enter login and password. Click Bind device via QR.
3. To scan the QR-code in the mobile app, point the camera at the screen of the computer or the laptop. 
4. Reset your PIN code for the ePayments app.

Here we go! Your mobile device is trusted now.

How to log in to account using trusted device

To log in to the ePayments account, you should have a trusted device (see How to link device).

Via mobile app (preferred method) 

First login:

1. Open the mobile app.
2. Enter login and password.
3. You will receive the SMS with a confirmation code to your mobile phone. Enter it in the relevant field.

Further logins:

1. Open the mobile app.
2. Enter PIN code or confirm the action by biometrics (depends on settings and model of your mobile phone).

Via website

1. Enter login and password.
2. You will receive the notification to your trusted device. Open it and click Confirm.

How to confirm financial transactions made via trusted device

Via mobile app (preferred method)

1. Fill in the transfer details. For more information on all types of transactions, please follow the link.
2. Check the amount, the fee and the recipient. Confirm the transfer by biometrics. If your trusted device does not have this feature, enter the PIN code for the ePayments app.

Here we go! The transfer is confirmed.

Via website

1. Fill in the transfer details. For more information on all types of transactions, please follow the link.
2. You will receive the request for transfer confirmation on your trusted device. Check the amount, the fee and the recipient. Click Confirm.

Here we go! The transfer is confirmed.

What if trusted device is lost

If you lose a trusted device, unlink it from your ePayments account as soon as possible. 

To do this:

1. Follow the link https://my.epayments.com/n/login. Enter login and password.
2. Click Can’t access the device? in the opened window.
3. Fill in all fields in the request to restore the access to the device. Click Send

We will process your request within 24 hours and send you an email.

If you’ve deleted the ePayments app, it is required to unlink the trusted device according to the instruction above.

FAQ

Is it necessary to use a mobile device? Why?

Yes, it is, since ePayments complies with the Strong Customer Authentication (SCA) requirement. To enhance your security, we will request a second factor of authentication every time you access your account or perform a transaction. This factor will be generated through the ePayments app, so you need a mobile device to use the service.

What are the Strong Customer Authentication (SCA) and the second factor of authentication?

Strong Customer Authentication is a requirement aimed at increasing the security of payments and reducing fraud. All European payment services must comply with it. 

According to SCA, two of the three factors must be requested during the authentication:

1. Data that a customer knows (password or PIN code)
2. Device that a customer owns (for instance, mobile phone)
3. Who a customer actually is (fingerprint or face recognition)

The second factor (i.e. device availability) is mandatory step in ePayments. In addition, we will request the first or the third factor, depending on your transaction and the device model.

What directive requires SCA compliance?

The Strong Customer Authentication (SCA) requirement must be met under the Second Payment Services Directive (PSD2) which is enacted within the EU. It came into force on March 14, 2020. You can find out more on the FCA website (Financial Conduct Authority).

I live in a non-EU country. Why is PSD2/SCA applicable to me? 

PSD2 applies to all European payment services. ePayments operates under UK law and is licensed by the FCA, so we are obliged to provide services to our customers in strict compliance with PSD2 requirements.

What to do if I don’t have a smartphone but only an old school phone with buttons? 

Unfortunately, in this case you will not be able to use our service. You need to have a mobile device with our app to use ePayments.

I have always used only the ePayments web version. What am I supposed to do now? 

You can still use the web version of the service, but now you will have to confirm your login and transactions via the ePayments app. In order to do this, download the app to your mobile device and make it trusted (see instructions above).

I want to turn off 2FA, how can I do this? 

According to our security policy, two-factor authentication can’t be disabled. It is a mandatory option that protects your personal data and money.

Can I register several trusted devices if I use several phones?

No, you can have only one trusted device.

I have a corporate account and make dozens of transactions per day. Do I have to confirm each of them? 

Yes. According to SCA requirements, you must confirm each transaction separately. Mass transfer is considered as one transaction, so you must confirm it once.

Can I use a rooted device and make it trusted?

No. According to the SCA, rooted devices do not meet safety requirements.