SCA: Authentication v Authorisation
Strong Customer Authentication or SCA, is an EU mandate for payments made in the European Economic Area (EEA). It has been introduced to increase customer protection from fraudulent activity and to generally make the payment process safer and more secure.
While SCA has already come into effect (since September 14th 2019), the deadline has been extended to the 14th of September 2021 in the UK for full enforcement of the law. If you are concerned that your business is not yet compliant with the mandate, don’t worry you still have time to act!
With the extension of the deadline in the UK to help support merchants who may have faced impact from Covid-19, you will have more time to update your online transaction process. If your customers are using cards that have been issued in the EU, then you will need to act much sooner to meet the 31st of December 2020 deadline.
3D Secure authentication takes the form of one of two possible flows; SCA, known as the challenge authentication flow and the frictionless authentication flow. Authorisation comes after this process, right before the transaction is completed.
Authentication: Is the process of determining whether the customer is indeed the person they say they are. This can be determined in a number of ways.
Authorisation: This is the request made to the card issuer to approve the transaction after the 3D Secure checks have been completed. If there are sufficient funds in the customer’s account and all personal details have been verified successfully, the transaction will be approved.
During the eCommerce transaction process, a customer’s identity must be validated in order for the payment to be confirmed. One of the world’s most commonly used authentication solutions, 3D Secure, helps facilitate the exchange of data between the customer, the merchant and financial institutions.
For further transaction security, there are now more improved protocols put in place in 3DS versions 1 and 2 for easier, more secure checkouts. With 3D Secure 2.0, merchants can look forward to taking a higher number of frictionless transactions, without challenging the customer unnecessarily or declining the transaction.