Last update: 19/11/2021
Strong customer authentication is a way to make electronic payments more secure. It implements multi-factor authentication, which proves that the account used in financial transactions is ours to reduce the risk of fraud. It is required under the European Union’s “Payment Services Directive 2” (or “PSD2”), which took effect on 14 September 2019.
Everyone wants to make sure their finances are secure and their bank accounts untouchable. It’s important to understand what protections consumers have to prevent electronic payment fraud.
What is strong customer authentication?
Strong customer authentication (SCA) is a recent requirement in Europe (you can read more about it in this article (in Spanish) in Finanzas para Mortales (Finance for Mortals). Though it came into effect on 14 September 2019, European Economic Area (EEA) member states were gradually implementing it until its deadline on 20 December 2020.
SCA came about to provide more protections for consumers making electronic payments at stores or online, which have required it since 1 January 2021.
When we’re about to pay for something, our bank will ask us to give information that confirms we own the payment account, which helps reduce the risk of fraud. Such information could involve:
When the bank can confirm any two of these things, it will approve the payment you want to make.
What kind of payments is it for?
The purpose of strong customer authentication is to protect consumers making payments with a credit card in person at a store or online from their computer, mobile phone or tablet. Banks set their own customer identification requirements.
Many types of payments require customers to prove their identity:
We will have to prove who we are for bank transfers and most credit card transactions in the European Economic Area.
Strong customer authentication exceptions
According to EU law, transactions deemed low risk do not require strong customer authentication:
Want to more details about strong customer authentication? Don’t miss this article by Openbank.