What is Strong Customer Authentication (SCA)?

rob and dan babygrow blur
Share on facebook
Share on twitter
Share on linkedin

Rob here!

In 1994 the first secure retail payments were made over the internet. Dan and I were still rocking matching baby grows! We know you’re actually here for the picture, you’ll have to read on to find it.

Let’s skip to today where online payments are a part of daily life. As a result cash isn’t so common and our high streets are looking like a scene from a spaghetti western. If we are no longer purchasing items in person, how do we know that we’re making secure purchases online? The answer is Strong Customer Authentication or SCA. In this blog post, we’re going to look at SCA from an online merchants point of view.

online payment through mobile ecommerce store

What is Strong Customer Authentication?

On 14th September 2019 a new regulation was introduced that requires online merchants to ask for multiple forms of identification. In most cases, a merchant using SCA will require 2 forms of authentication from its customers, we’ll talk about how online merchants can do this in a moment.

So what will merchants be asking for?

Something the customer knows – a password or security question

Something the customer has – a push notification sent to a device

Something the customer is – a fingerprint or Face ID

You may have been coming across SCA for a while even before the 14th September. Although the regulation took effect last month, some banks have been allowed extra time to prepare for SCA.

Which merchants require Strong Customer Authentication?

The location of the merchant does not matter, however, if the bank or processor is within the European Economic Area (EEA) and the customer’s payment card/instrument is issued in the EEA then the merchant is required to implement strong customer authentication.

Purchases under €30 won’t often require SCA but it will be required after 5 exempt transactions. Subscription services will need authentication on the first purchase and continuing payments will be exempt. It’s worth noting, however, that the customer’s bank will decide whether further authentication will be needed in the future.

What does Yuno recommend for online merchants?

We only work in WordPress so the solution for us is quite simple. We use WooCommerce for most of our online merchant customers. There are loads of SCA ready payment gateways that integrate with WooCommerce and very little development work is needed to set them up. It’s worth noting that Apple Pay and Google Pay are SCA ready. Here are the most common gateways that integrate well with WooCommerce.

Stripe

PayPal

Amazon Pay

Sage Pay

That’s a quick rundown of Strong Customer Authentication for you. If you need help or advice regarding your online store and SCA, please don’t hesitate to get in contact.

Here’s the real reason you’re here…

From left to right: Dan and Rob or Rob and Dan

Directors Dan and Rob in matching baby-grows

 

Share this post with your friends

Share on facebook
Share on twitter
Share on linkedin

Let us know your thoughts