Air Bank a.s.

We definitely appreciate the importance of setting up a robust strong customer authentication (“SCA”) regime. However, based on our experience from retail banking, the knowledge of the behaviour and the expectations of retail clients we consider the proposed exemption from the requirements to arrange SCA as very restrictive. In particular the time period specified as “later than one month after the last day in which strong customer authentication was applied” leads to the necessity to perform SCA at least once a month. In practice significant number of payment accounts are accessed by their users online relatively frequently with most accounts accessed least several times a month. In this respect we suggest a modification to the proposed rules. Specifically, we suggest that additional SCA does not need to be conducted in case a user of the account accessed frequently - for example once a week. In this context, we are of the view that the monitoring of security of the account is ensured by the account users themselves sufficiently. On the other hand it is not necessary to impose additional administrative burden on payment account operators in the form of frequent conduct of SCA. Also customers may be disappointed by excessive use of SCA.
We definitely appreciate the importance of setting up a robust strong customer authentication (“SCA”) regime. However, based on our experience from retail banking, the knowledge of the behaviour and the expectations of retail clients we consider the proposed exemption from the requirements to arrange SCA as very restrictive. In particular the time period specified as “later than one month after the last day in which strong customer authentication was applied” leads to the necessity to perform SCA at least once a month. In practice significant number of payment accounts are accessed by their users online relatively frequently with most accounts accessed least several times a month. In this respect we suggest a modification to the proposed rules. Specifically, we suggest that additional SCA does not need to be conducted in case a user of the account accessed frequently - for example once a week. In this context, we are of the view that the monitoring of security of the account is ensured by the account users themselves sufficiently. On the other hand it is not necessary to impose additional administrative burden on payment account operators in the form of frequent conduct of SCA. Also customers may be disappointed by excessive use of SCA.
[Payment institution"]"
[Execution of payment transactions"]"
Jan Pivoda