What is Strong Customer Authentication?

Strong Customer Authentication (SCA) is a regulation required since the 14th of September 2019, as part of the second Payment Services Directive (PSD2) in Europe to reduce fraud and make online payments more secure. To accept payments and meet SCA requirements, we require, via Stripe, an authentication that uses at least two of the following three elements:

• something the customer knows (e.g., password or PIN);
• something the customer has (e.g., phone or hardware token);
• something the customer is (e.g., fingerprint or face recognition).

When is Strong Customer Authentication required?

Strong Customer Authentication applies to “customer-initiated” online payments within Europe. As a result, most card payments and all bank transfers require SCA. For online card payments, these requirements apply to transactions where both the business and the cardholder’s bank are located in the European Economic Area (EEA).

Is MondoPal compliant?

Yes, we are. We are powered by two of the best payment gateways in the world, Stripe and PayPal which are authenticating an online card payment by relying on 3D Secure — an authentication standard supported by the vast majority of European cards. Applying 3D Secure typically adds an extra step after the checkout where the cardholder is prompted by their bank to provide additional information to complete a payment (e.g., a one-time code sent to their phone or fingerprint authentication through their mobile banking app).

---