On September 14th, 2019, requirements for authenticating online payments will go into effect in Europe as part of the second Payment Services Directive (PSD2). One of the new requirements of PSD2 is known as Strong Customer Authentication.
What is Strong Customer Authentication?
PSD2 is an EU directive that is being implemented to revise the payments process in the EU. This revision includes stronger protections for consumers when making payments online by regulating payment services and payment service producers in the EU. An important element of PSD2 is the requirement for Strong Customer Authentication (SCA).
Once in effect, SCA requires that online payment processors build additional authentication into their checkout flow. SCA requires authentication to use two of the following three elements:
- Something the customer knows (e.g. password or PIN)
- Something the customer has (e.g. phone or hardware token)
- Something the customer is (e.g. fingerprint or face recognition)
If an SCA-required payment does not meet these criteria, it may be declined by the bank.
When is Strong Customer Authentication required?
SCA will apply to “customer-initiated” online payments if both the business and the cardholder’s bank are located in the European Economic Area (EEA). Here are the original SCA requirements. As a result, financial services institutions (including your bank or credit card company) and payment services providers (e.g. Stripe or PayPal) will be revising their processes so that many types of card payments will now require SCA.
Since this applies to “customer-initiated” online payments, recurring payments or subscription payments may not require strong authentication as they are considered “merchant-initiated”.
What has Teachable done to help you prepare for Strong Customer Authentication
Teachable partners with Stripe for credit card processing. Stripe has prepared for PSD2 and SCA and built new technology to help minimize any friction in the payments experience. Using Stripe’s new software, we’ve added an additional step to the checkout flow when SCA is required. Similarly, PayPal has also already implemented its own SCA checkout flow.
This additional authentication is automatically available for all Teachable schools. There is no action required from any school owner to take advantage of these new SCA checkout flow.
If you have any additional questions, please comment below and let us know!