Strong Customer Authentication

Making sure it's always you #ItsReallyMe

What's happening?

Financial crime is becoming more common and sophisticated. As your bank, ensuring your money is kept safe and secure is at the heart of everything we do. We are constantly working on better ways to combat fraud, from installing the latest technology to notifying you when we feel something isn’t right.

New regulation being introduced across all UK banks, between now and March 2021, is designed to improve your security and reduce fraud and scams.  It’s called Payment Services Directive 2 (PSD2) but you may have heard it referred to as Strong Customer Authentication (SCA).

Put simply it means you’ll be asked to prove it’s really you more often when:

·        Using Online Banking.

·        Buying something online with your card.

·        Making contactless payments.




Logging into your account

When you log in to your account we'll sometimes text a code to your mobile phone. This is called a one time passcode (OTP) and you'll need this to log into and use some of the services within Online Banking.

You can also continue to use your Card Reader if you don’t have a mobile phone.

If we can't confirm it's you logging into your account, you’ll experience a restricted service. This means, for example, you’ll only be able to view your balance, order/enable your card reader and make transfers between your own NatWest accounts.


Online Purchases

If you are buying something online we’ll sometimes send a one time passcode (OTP) to your mobile phone. You’ll need this to complete your purchase. 


Make sure your details are up to date

We’ll need your mobile phone number to send you an OTP, or to contact you if we detect any suspicious activity on your account, so it’s really important you make sure we hold the correct details for you. If you have an additional card holder, we’ll also need their number. If you’re in an area with poor phone coverage, or you don’t have a mobile phone, there will be other options available to receive an OTP.


Contactless Payments - We’ll ask for your PIN more often

We’ll also ask you to input your PIN more often when you present your card to pay using contactless.  This doesn’t mean there is anything wrong with your card or account – it’s just another way for us to check it’s really you making the purchase. Simply put your card into the reader and enter your PIN as normal.


What’s next?

We're continually investing in new technology to keep your money safe - that's why you’ll notice more features designed to help you prove #ItsReallyMe.  

In March we’re launching Confirmation of Payee, a name checking service.  

When you set up a new payment, we’ll check the name of the person or business you’re paying with their bank. We’ll let you know if the name is a match, close match or no match so you can pay with confidence.

Remember, all banks are making these changes and it just means we’ll ask you more often to prove #ItsReallyMe


Tackling Fraud & Scams

Be prepared for when criminals might target you;


  • Ensure you keep your contact details up to date so we can alert you if we detect any suspicious activity on your account.


  • Tell anyone your Online Banking login details, activation codes, full PIN, full password or app passcode. Even a caller claiming to be from the bank or police.
  • Transfer money from your account after being instructed to do so, even if that person claims to work for the bank or police.
  • Allow remote access to any device when someone gets in touch with you unexpectedly.
  • If you’re asked to do any of the above, end contact with the individual immediately and contact us using either a number from our website or on the back of your debit or credit card.

Frequently asked questions

Something else we can help you with?