What is Strong Customer Authentication?

PSD2 regulation took effect in January 2018, aiming to enhance consumer rights and reduce rampant online fraud.

A key element of PSD2 is the introduction of Strong Customer Authentication (SCA). To help prevent fraud, all financial transactions involving EU participants are required to have 2-factor authentication unless specifically exempted.

The deadline for SCA has been subject to numerous delays, but for most of Europe the end of 2020 is a final deadline, with an extension already ruled out.

There are different ways to meet SCA regulation—providers need to balance security and the user experience. There are worries that poor SCA solutions will cost merchants billions in abandoned transactions. But that doesn’t need to be the case, as Encap SCA solution fulfils security needs and regulatory demands without compromising great user experience.

Security on desktop

What meets SCA requirements?

The payment journey is changing. To be on the right side of the law, PSD2 now requires the use of two independent sources of validation, commonly known as 2-factor authentication (2-FA). A password or PIN alone is no longer enough.

SCA requires authentication to use at least two of the following three independent elements:

Something the customer knows – for example PIN-code
Something the customer has – example mobile device or credit card
Something the customer is – biometric fingerprint or face-ID

In addition to secure authentication dynamic linking is required. Dynamic linking means that the payer has visibility of the amount, payee and context of the payment at the time of authorisation. This information needs to be securely transmitted between company and their customers

There are some exemptions for specific types and sizes of payments. All other payments require 2-FA and dynamic linking. Payments that do not meet PSD2 security criteria will be declined. Most card payments and all bank transfers require SCA.

How Encap meets SCA requirements

Encap brings authentication and secure communication to mobile. Encap SDK ensures businesses deliver a seamless and secure digital in-app experience across all service channels, providing a consistent single view of your customer. Transactions can be initiated in any channel and authorised conveniently on the customer’s own mobile device.

There is much more than what meets the eye in Encap’s layered security approach. The approach we call the “Encap security onion” – we detect, defend and react to all types of threats that might otherwise put a valuable transaction at risk. To achieve this, we continuously add new and advanced security technology layers to our SCA solution.

Encap SCA is trusted by major regulated institutions across Europe and has won numerous industry awards.

How Encap meet requirements

Find out more

Speak to us or one of our partners about how Encap Security can meet the demands of Strong Customer Authentication without compromising on user experience.

Contact us