The role of SCA (Strong Customer Authentication) is to reduce fraud and increase online payments security. PSD2 requires SCA to be used in all customer-initiated online payments within Europe and for online card payments where the business and the card holder’s bank are in the European Economic Area (EEA). SCA uses two or more elements in the authentication process:
- Something you know (knowledge), such as a password or PIN
- Something you have (possession), such as a badge or smartphone
- Something you are (inheritance), such as fingerprints or voice recognition
Upcoming Enforcement Dates for SCA Compliance
- UK - Enforcement deadline on 14 March 2022.
For more details, refer to Payment Processing Compliance Explained.