Payment service providers shall be allowed not to apply strong customer authentication, where the payer initiates a remote electronic payment transaction provided that the following conditions are met:
- (a)
the amount of the remote electronic payment transaction does not exceed £25; and
- (b)
the cumulative amount of previous remote electronic payment transactions initiated by the payer since the last application of strong customer authentication does not exceed £85; or
- (c)
the number of previous remote electronic payment transactions initiated by the payer since the last application of strong customer authentication does not exceed five consecutive individual remote electronic payment transactions.