Strong Customer Authentication (SCA)
Later this year on September 14th a new European payment law will come into use. For consumers its a brilliant step forward. Essentially the new law requires two-factor auth when checking out which should cut down on card fraud.
If you’re a Stripe user, all you’ll need to do is implement 3D Secure 2. This will cover your requirements for the new law. I asked Stripe on Twitter to confirm this (which they helpfully did):
Yep—you'll want to confirm that your integration is one that supports 3D Secure 2. https://t.co/bnFH0XmU3a can help get you started on this!
— Stripe (@stripe) April 9, 2019
I’ll be sticking with Stripe going forward, purely because they will handle most of this for me. You can read more information about what’s needed over on the Stripe docs for Strong Customer Authentication.
Further Reading
You can find out more information about SCA within these pages:
- https://stripe.com/en-GB/guides/strong-customer-authentication
- https://www.jpmorgan.com/europe/merchant-services/strong-customer-authentication
- https://www.barclaycard.co.uk/business/news-and-insights/guide-to-strong-customer-authentication
- [https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32018R0389](* https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32018R0389)
- https://eba.europa.eu/-/eba-provides-clarity-to-market-participants-for-the-implementation-of-the-technical-standards-on-strong-customer-authentication-and-common-and-secure-
- https://eba.europa.eu/regulation-and-policy/payment-services-and-electronic-money/regulatory-technical-standards-on-strong-customer-authentication-and-secure-communication-under-psd2
- http://www.visaeurope.com/about-us/policy-and-regulation/
- https://www.fca.org.uk/firms/revised-payment-services-directive-psd2
- https://www.gemalto.com/financial/ebanking/psd2
- https://www.braintreepayments.com/blog/understanding-and-preparing-for-psd2-strong-customer-authentication/
- https://www.adyen.com/blog/psd2-understanding-strong-customer-authentication