EPSM, a European trade association representing the interests of payment service providers for merchants, has called for a minimum 18-month delay to the introduction of Strong Consumer Authentication rules, in order to avoid significant disruption to online business interests.
The rules, which are being pushed through under the the PSD2 Directive and are set for introduction in September, demand a two-step verification process be implemented for all online purchases over EUR30.
The measures have faced strong opposition from a market which is widely seen to not be ready for the switch, with merchants fearing widespread cart abondment as consumers react negatively to more complex checkout procedures.
Acknowledging the challenges, the European Banking Authority has paved the way for some firms, on an "exceptional basis", to get a limited extension of the September deadline.
The EPSM believes that this does not go far enough and is calling for a much longer implementation period so as to solve the technical and operational challenges posed by remote card payments - for merchants, card holders, issuers, and acquirers.
"EPSM has made clear that rolling out SCA-compliant solutions to merchants poses major challenges," states the lobby group. "To avoid significant acceptance disruptions, EPSM recommends that all regions should agree an additional timeframe of 18 months for standard applications, as well as up to 36 months for challenging applications, such as those in the travel and hospitality sector.
"This will deliver an EU-wide harmonised migration approach by the EBA and the 28 national regulators for remote card payments."
The EPSM represents the interests of 67 members with headquarters in 16 European countries.