Payment Services Directive 2 (PSD2)
Improving the payments market with increased efficiency and more secure payments and data.
Strong Customer Authentication (SCA)
What is SCA? Strong Customer Authentication (SCA) ensures that card issuers must confirm the cardholder as being the genuine owner of the payment card before they approve the ecommerce online transaction. To prove that they are the genuine owner of the card, cardholders must provide at least two out of three possible authentication factors to their card issuer when requested.
Authentication factors:
These can include any combination of two of the following:
Knowledge
This refers to something only the cardholder and their card issuer knows. A passcode or memorable secret word can be used to satisfy this requirement.
Possession
This is something the cardholder has which is recognised by their card issuer. A mobile phone can be used to satisfy this requirement.
Inherence
This is something unique to the cardholder and verifiable by their card issuer. A fingerprint, facial and voice recognition, or an iris scan are examples of authentication factors.
When was SCA required to be implemented?
The European Banking Authority recognised the complexity and challenges of implementing this directive within the payments environment and extended its original deadline of 14 September 2019. The deadline for Online eCommerce compliance was extended 31 December 2020 in Europe. The additional time was needed to ensure that all stakeholders in the ecosystem; banks, acquirers, gateway providers and merchants were able to equip themselves with the relevant tools to fully implement PSD2.
Mobile app
Download the Elavon Commercial Card app.
Dedicated interface
Elavon no longer operates a dedicated interface. For historical data, email Client Services.