SCA or Strong Customer Authentication, is a requirement of Europe's revised Payment Services Directive 2 (PSD2) mandate to increase security and minimize fraud risk around electronic payments. PSD2 aims to protect consumers, promote banking innovation, and facilitate safer cross-border European payment services. SCA first came into effect in 2019. With approval by the EEA, the implementation deadline was pushed to December 31, 2021.
SCA requires that electronic payments utilize multi-factor authentication. To pass authentication, two of the following three criteria must be met:
Banks have the authority to decline payments that do not meet the authentication criteria.
SCA applies to customer-initiated transactions in which both the merchant’s acquiring bank and the bank issuing the buyer’s debit or credit card are located within the European Economic Area (EEA).
Some exemptions apply depending on the amount of the transaction, the degree of perceived risk, and the frequency of occurrence. Examples of exemptions in place include:
Along with adding additional protection for consumers, SCA benefits businesses by:
We see SCA and the PSD2 mandate as an opportunity to provide customers with a more secure experience and promote compliance in the payment ecosystem. We’ve added 3D Secure 2 (an industry-accepted method) protocols to our checkout flows to meet SCA requirements. The following Blackthorn Payments features are SCA supported:
If a transaction fails, it will create a notification in Salesforce, and a reattempt request will automatically trigger, depending on the logic set.
Teams working in the EEA using Blackthorn Payments can easily enable SCA in Salesforce by following these steps outlined here.
If you have any questions about SCA requirements and are interested in learning how Blackthorn Payments can help your team navigate these new regulations, we are happy to help. Talk to one of our experts.