If you take online payments (via Stripe, PayPal or Worldpay) you may wish to familiarise yourself with Strong Customer Authentication (SCA) and the minor changes it's implementation has made to your customer’s payment process.
It is not necessary for you to make any changes to your account to conform with SCA, Bookwhen has taken steps to ensure that the requirements have been met.
One of the requirements of the second Payment Services Directive (PSD2) is the introduction of SCA for online payments in the European Economic Area (from 14th September 2019).
SCA is designed to improve payment security and reduce your customer’s vulnerability to fraud.
SCA applies to the UK, regardless of the outcome of Brexit.
SCA essentially means that online payments must be performed with multi-factor authentication (there are some exemptions, listed below). This means that an online user is only permitted to continue if they have presented 2 or more pieces of evidence that demonstrate they are who they say they are.
Under SCA, this must be 2 of the following –
- Something your booker knows (e.g. a pin number)
- Something your booker has (e.g. a phone)
- Something your booker is (e.g. a fingerprint)
What this means for your customer is that they may have to complete an additional step to meet the conditions above. This could be entering a pin that they have previously set, a code sent to their phone via SMS, or something else.
Your payment gateway may allow an online payment without SCA for one of two reasons –
- The transaction is considered low risk i.e. the card providers overall fraud rate is below an acceptable threshold
- The payment value is low i.e. less than €30 (approximately £25) – this exemption can only be used for payment 5 times before it is necessary to for the customer to renew with another multi-factor authentication
How this affects payments for your bookers
If you have any questions or concerns at all please do get in touch with our support team via live chat or on firstname.lastname@example.org.