PSD2: Strong Customer Authentication

Frances Wong

| Jul 08, 2019

On September 14th, 2019, requirements for authenticating online payments will go into effect in Europe as part of the second Payment Services Directive (PSD2). One of the new requirements of PSD2 is known as Strong Customer Authentication.

What is Strong Customer Authentication?

PSD2 is an EU directive that is being implemented to revise the payments process in the EU. This revision includes stronger protections for consumers when making payments online by regulating payment services and payment service producers in the EU. An important element of PSD2 is the requirement for Strong Customer Authentication (SCA).

Once in effect, SCA requires that online payment processors build additional authentication into their checkout flow. SCA requires authentication to use two of the following three elements:

  • Something the customer knows (e.g. password or PIN)
  • Something the customer has (e.g. phone or hardware token)
  • Something the customer is (e.g. fingerprint or face recognition)

If an SCA-required payment does not meet these criteria, it may be declined by the bank. 

When is Strong Customer Authentication required?

SCA will apply to “customer-initiated” online payments if both the business and the cardholder’s bank are located in the European Economic Area (EEA). Here are the original SCA requirements. As a result, financial services institutions (including your bank or credit card company) and payment services providers (e.g. Stripe or PayPal) will be revising their processes so that many types of card payments will now require SCA. 

Since this applies to “customer-initiated” online payments, recurring payments or subscription payments may not require strong authentication as they are considered “merchant-initiated”. 

How Teachable helps you prepare for Strong Customer Authentication

Teachable partners with Stripe for credit card processing. Stripe has been preparing for PSD2 and SCA and have built new technology that can help us minimize any friction in the payments experience. Using Stripe’s new software, we will be adding an additional step to the checkout flow when SCA is required. 

Any transactions made using PayPal will be redirected through their checkout flow which PayPal has updated to satisfy the SCA requirements.

If you have any additional questions, please comment below and let us know!

Frances Wong is a Product Marketer at Teachable. Outside of Teachable, Frances is an avid sports fan and dedicates her weekends to Manchester United and Georgetown Hoyas games.