Strong Customer Authentication (SCA)

PSD2 stands for Payment Services Directive 2. It takes effect on September 14, 2019. This regulation impacts subscription businesses whose acquirer is in the European Union (EU) or acquirer has EU license and which are transacting online with customers' credit card whose issuer is also in the EU. PSD2 applies to all online transactions, including payments made via credit cards and alternative payment methods, subject to certain exemptions (see European Payment Council document for comprehensive details and requirements). While many alternative payment methods may already be PSD2-compliant (e.g., Apple Pay and Google Pay), others may not yet be PSD2 compliant (e.g., PayPal). The main requirement of PSD2 is Strong Customer Authentication (SCA). SCA requires that new subscribers go through a 3DSv2 process when purchasing online. This process serves to verify (or "authenticate") the subscriber’s identity and that they are the valid holder of the credit card they’re using to complete their purchase.