Strong Customer Authentication (SCA) explained

In September, the Strong Customer Authentication (SCA) requirements will come into force, adding an extra security step into checkout flows.

Charged has taken a look into how they will affect checkout processes for merchants and what it might mean for online shoppers.

SCA is a new European regulatory requirement to reduce online fraud and make digital payments more secure.

In order to meet SCA requirements, retailers need to build additional authentication into checkout flows.

The current way of authenticating online payments relies on 3D Secure tech, a standard supported by European payment providers, however SCA requirements will require extra authentication on top.

Extra authentication could be in the form of a PIN, a text sent to your phone or hardware token or a consumer’s face or touch ID.

Popular payment methods such as Apple Pay and Google Pay already streamline payment flows with their own built-in layer of authentication such as biometric tech or a password.

READ MORE: Fashion retailers see huge spike in fraud as pandemic provides “veritable petri dish” for online abuse

However, the European Economic Area regulation will require consumers to complete a robust, two-step identification process to complete purchases online.

SCA laws were approved back in 2019, however they will be expected to be enforced by the end of this year.

While these regulations are apart of the European Economic Area regulations, the laws are expected to come into force in the UK despite Brexit.

There are some specific payments which are likely to be exempt from SCA regulations and payment providers will be able to request these exemptions while processing the transaction.

Payment providers will be allowed to perform real-time risk analysis assessments to determine whether or not to apply SCA to the transaction.

What counts as strong customer authentication?


If a customer’s fraud rating lies above a certain threshold then then either the bank or the payment provider will require the shopper to complete SCA for further authentication.

Subscription payments such as Amazon or Netflix are also likely to be exempt from extra authentication however will be required after the first transaction.

A study conducted by Upwave found that while only 12.8 per cent of retail professionals aren’t worried about the impending regulations, nearly half of consumers (46 per cent) said that new SCA checkout steps will likely lead them to give up on transactions.

This is an obvious concern for businesses that operate solely online as it threatens to increase cart abandonment and hurt sales.

“Given the unprecedented flurry of challenges that brands and retailers have faced in the last year-plus, it’s likely that SCA and all it involves has appeared more theoretical and less urgent than the disruptions merchants were facing in real-time,” Ecommerce fraud protection site Signifyd managing director Ed Whitehead said.

“But SCA enforcement is imminent and merchants selling online are going to want to be ready to maintain a seamless checkout experience. This is a completely manageable challenge, but it requires action.”

Click here to sign up to Charged free daily email newsletter



Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.