Due to a significantly high increase in cyber fraud, we are strongly recommending that everyone, not just our customers, enables two factor authentication across all sites, not just Storeline UK.
If you shop on Storeline UK you are protected by 2FA, your card details are encrypted and can only be used after being verified, so you don't need to take any extra step for our site.
If you use any of the following, you must enable 2FA as soon as possible to prevent fraud:
(To be secure, we recommend you use Chrome, if you do not yet use Chrome, please download it from here.)
Login on paypal.com, follow the following diagrams, that are screen reader compatible.
Confirm that the connection is secure by checking the URL spelling, the HTTPS / SSL padlock, and that the security certificate is valid and issued to PayPal US Incorporated.
Follow the instructions shown on the PayPal site.
Login on facebook.com and follow the following diagrams.
(Check the URL and the padlock, as shown in the PayPal guide.)
Click "Settings", then:
Follow the on-screen instructions to complete the setup.
Do this for all sites that hold sensitive data about you, or can contact people on your behalf.
At Storeline UK, we want you to be safe when shopping online. Here's some tips to help you shop safely.
Checking a website is secure:
When using ecommerce sites it is important to check the site is legitimate, for example when using Storeline UK it will always show "storeline.uk" in the address bar and will show a padlock, that looks like this:
We recommend using Google Chrome for internet browsing as it is by far the most secure. We're not sponsored, however from past experience most of our customers who have encountered fraud was due to their browser not doing enough to protect them, such as Internet Explorer that doesn't have enough security features.
If you're not using Chrome you can install it here: https://www.google.com/chrome/
To find out about site security when using Chrome, click here:
Fraud when using PayPal:
PayPal itself is a very secure system, and it is accepted on Storeline UK and many other major online retailers. However, it is very common for fraudsters to impersonate PayPal in order to get money. All PayPal emails will come from an "@paypal.com" address and will be free of typos.
If you receive an email from PayPal don't click any links in the email, instead type "paypal.com" (without the quotes) into the Google Chrome address bar and login to your account.
Let's imagine you're selling furniture on Facebook marketplace and somebody approached you about purchasing it and asks to pay on PayPal. This is a real story.
Now upon reading this email, you would think this makes sense, however, it raises a few questions:
- Why doesn't she just pay the courier directly?
- Why does she trust Madi with £520 when she's never met her?
This is all very suspicious, and is a very common scam.
She then received an email, claiming to be from PayPal:
This should be an obvious fake as PayPal never operates in this way, however many people have been scammed this way so you should always be careful, and always contact your bank before making any transfer.
Thankfully Madi did the right thing and contacted Storeline UK who confirmed it was a scam.
If you encounter a scam like this, contact your bank, or Storeline UK on:
+44 330 043 1357
There are also scams that claim that your Storeline UK online account or your Apple ID have been locked:
This email and website have been setup by scammers and are trying to obtain financial or login information.
This is an email impersonating Storeline UK:
As you can see,
- This email has been sent from a generic, personal address whereas our emails always come from an "@storelineuk.com" address.
- There are many typos, while our staff are human and may occasionally make a mistake they would never do anything this awful.
- Anyone can steal our logo, it doesn't mean it's really us.
Upon further inspection of the webpage you can see the domain is not the official "storelineuk.com" address and the connection is "Not Secure" meaning you are on a fake site.
And as you can see, Google Chrome has warned against it.
So remember to be safe when shopping online and always contact us first if you feel unsafe.
There are many other scams so here's the link to the Lloyds Bank Fraud Center with further information:
And remember, only shop from trusted sites such as Storeline UK as we'll help protect you from fraud.
PSD2 and Two Factor authentication:
When shopping on Storeline UK you might notice an extra security step. This is called 3D secure and it is required by most banks and building societies in the UK since the 14th of September 2019. When shopping on Storeline UK, after adding your card number you might be redirected to another page to verify your identity. This varies depending on your card issuer, but usually consists of entering a four to eight digit code sent to you via SMS message. If you use a card you have saved on our site, Storeline UK will send you a six digit code via SMS message as usual, but your bank might still require separate verification.
You might also be asked to enter your PIN regularly when using contactless in physical stores - you can avoid this by using Apple or Google Pay.
These changes are industry standard and will affect all sites and services in the European Union, this is to protect you, the consumer, from fraud when shopping online, for more information on fraud, here is a link to our page on scams: https://storelineuk.com/pages/fraud
This is the requirement for all businesses within the European Economic Area (EEA):
And here is a copy of the information provided by Keith Hum, a product management leader at Shopify Canada:
Payments is a key part of the shopping experience no matter where and what you’re selling, but it’s especially important online, where trust and security are top of mind.
If you’re selling in the European Economic Area (EEA), you may have heard about the revised Payment Services Directive (PSD2). It’s a regulatory requirement intended to increase protection against fraud for online purchases and will have some impact on businesses in the EEA.
Below, we’ll help you navigate these complexities of selling so you can focus on running and growing your business. Here’s an overview of what’s happening and what it means for you.
What is the revised Payment Services Directive (PSD2)?
The revised Payments Services Directive (PSD2) regulates the payments industry in the European Union. One of the major updates that comes into effect this year is stronger protection for customers who shop online using their debit and credit cards. This protects you too: fewer fraudulent charges is good for everyone.
To comply with these new regulations, you’ll need to make sure you have Strong Customer Authentication (SCA) to help mitigate card-not-present fraud from payments accepted from European buyers.
What is Strong Customer Authentication (SCA)?
Strong Customer Authentication is similar to what many people refer to as two-factor authentication: if a customer is buying online using their debit or credit card, SCA may require them to use two forms of authentication. As an example, instead of just entering their PIN or password, Strong Customer Authentication would prompt a customer to enter a code generated on their banking app as a second step. This makes it harder for fraudulent transactions to get through.
Customers are asked to enter this information only when it’s required, through a technology known as 3D Secure—an extra layer of security that customers have to enter during checkout to authenticate themselves. Your customers will see the 3D Secure indicator start to show up on orders after PSD2 comes into effect.
What does PSD2 mean for Shopify merchants?
If you’re using Shopify Payments to process credit or debit cards in Germany, Denmark, Ireland, the Netherlands, Spain, or the United Kingdom, you don’t need to do anything. You’ll be compliant in time for the September 14, 2019, deadline automatically. Shopify Payments is optimized to minimize the use of 3D Secure. It will only use 3D Secure when absolutely required by the issuing bank in order for a transaction to be authorized successfully.
If you’re using Stripe to process credit or debit cards in Austria, Belgium, Denmark, Estonia, Finland, France, Germany, Greece, Ireland, Italy, Latvia, Lithuania, Luxemburg, the Netherlands, Norway, Poland, Portugal, Spain, Sweden, or the UK, you’ll also be fully compliant with PSD2 before the deadline and be able to offer SCA without any changes.
Local payment methods such as iDeal and Klarna, and wallets like Google Pay, Apple Pay, and PayPal Express, are already compliant with the regulation and require no action for merchants.
For merchants who want to stay on their third-party gateways, they will not automatically be in compliance with PSD2 on September 14. To be in compliance, we recommend these merchants create a connection with Cardinal Commerce. These merchants will be prompted within their Shopify admin that Cardinal Commerce is available for them, and the onus is on the merchant to decide if and when they want to sign up and enable this solution. We recommend that merchants take this action as soon as possible in order to meet the September 14 deadline.
When will PSD2 be enforced?
We anticipate that the enforcement of the SCA requirement will be phased and fragmented across Europe (see updates by country). As an example, earlier this month, the UK regulator granted an 18-month phase-in period to give banks and businesses more time to prepare for these new requirements. The biggest impact of this uncertainty is on merchants not using Shopify Payments or Stripe.
Over the next 18 months, merchants will start seeing orders that have used SCA for payment processing within their Shopify orders page. Orders paid with debit or credit cards that have gone through 3D Secure will have 3D Secure (3DS) noted beside the order timeline. This means the buyer’s identity has been confirmed by the bank who issued the card and the transaction will default to low risk. There is no action required for the merchant within the orders page for these transactions.