As of September 14th, 2019 payment gateways now require additional security steps regarding “SCA” for customer purchases in the European Union.
This will trigger the 3DS payment gateway security features for the customer to authorize their payment.
What is SCA?
Strong Customer Authentication (SCA) is a European regulation set in place on September 14th, 2019 to reduce fraud and make online payments more secure for purchasing customers by adding additional security steps for purchases and subscriptions.
When is SCA applied?
SCA currently only applies to EU businesses that are selling to EU based customers and match any of the following criteria
(a) accesses their payment account online;
(b) initiates an electronic payment transaction;
(c) carries out any action through a remote channel which may imply a risk of payment fraud or other abuses.
Most card payments and all bank transfer payments will require SCA.
When is SCA not required?
There are scenarios in which SCA may not be required for the customer’s purchase.
What is 3DS?
3D Secure (3DS) is a fraud prevention measure that acts as an additional layer of security when taking card payments. It gives customers a secure 2 step authentication before they can purchase online; ensuring that they’re using the correct card details to help protect against card payment fraud.
3DS serves as the authentication method required by SCA regulations.
How will 3DS work?
3. When a subscription rebill charge happens, we set that related transaction to a pending status until the rebill is authenticated by the customer. We then send an email to the customer for authentication of the rebill.
- NOTE: If the customer does not authenticate the transaction within the allotted grace period(1-3 days: contact vendor of product for their grace period), the transaction will be marked as failed.
4. Our system confirms the customer’s rebill transaction and Paykickstart will attempt to process the transaction as normal.