Strong customer authentication
From Wikipedia, the free encyclopedia
Strong customer authentication (SCA) is a requirement of the EU Revised Directive on Payment Services (PSD2) on payment service providers within the European Economic Area. The requirement ensures that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments.[1] Physical card transactions already commonly have what could be termed strong customer authentication in the EU (Chip and PIN), but this has not generally been true for Internet transactions across the EU prior to the implementation of the requirement,[1] and many contactless card payments do not use a second authentication factor.
The SCA requirement came into force on 14 September 2019.[2] However, with the approval of the European Banking Authority,[3] several EEA countries have announced that their implementation will be temporarily delayed or phased,[4][5] with a final deadline set for 31 December 2020. [6]