Strong Customer Authentication

We're introducing smarter, stronger and safer ways to keep you protected online

What's changing?

Increasingly we will ask you to confirm your identity when using Online Banking or when you buy something online with your card. It'll provide extra protection against fraud and scams by ensuring it's you who is using your details, and not someone pretending to be you.

When you log in to your account or buy something online, we'll occasionally text you a code to your mobile phone. This is called a one time passcode (OTP) and you'll need this to complete your task. 

We may also ask you at times to use your card reader when logging into Online Banking.

If we can't confirm it's you logging into your account, you will experience a restricted service. This means, for example, you will only be able to view your balance, order/enable your card reader and make transfers between your own NatWest accounts.

If you are buying something online and cannot receive an OTP, you will be unable to complete your purchase.


Make sure your contact details are up to date

As we need your mobile phone number to send you an OTP – and if you have a credit card with any additional card holders we’ll need their number as well – it’s really important to make sure we have your up to date details.  This will enable you to receive the OTP and complete your purchase safely. If you’re in an area with poor phone coverage there will be other options available to receive an OTP.

We’ll ask for your PIN more often

We will also be asking you to input your PIN more often when you pay with contactless.  Don’t worry it doesn’t mean there is something wrong with your card or account – it’s just another way for us to keep your money safer and more secure - simply use chip and PIN as normal

Why the change?

Criminals are becoming more sophisticated. It's our job to stay one step ahead, and to keep your money safe.

New regulation is being rolled out across all UK banks which is designed to improve the security of your purchases and reduce fraud. It is called Payment Services Directive 2 (PSD2) and you may have heard it sometimes referred to as Strong Customer Authentication (SCA).

We're continually investing in new technology for extra security - and that's why you’ll notice a number of new changes to keep you secure.

Tackling Fraud & Scams

Be prepared for when criminals might target you;


  • Ensure you keep your contact details up to date so we can alert you if we detect any suspicious activity on your account.


  • Tell anyone your Online Banking login details, activation codes, full PIN, full password or app passcode. Even a caller claiming to be from the bank or police
  • Transfer money from your account after being instructed to do so, even if that person claims to work for the bank or police
  • Allow remote access to any device when someone gets in touch with you unexpectedly.
  • If you’re asked to do any of the above, end contact with the individual immediately and contact us using either a number from our website or on the back of your debit or credit card.

Frequently asked questions

Something else we can help you with?