Strong Customer Authentication (SCA)

SCA is mandated in PSD2 as way to add more security to online payments and online banking transactions.

The authentication is considered strong if a shopper is able to provide two out of the following factors:

  • Something the shopper has.
  • Something the shopper knows.
  • Something the shopper is.

For example, a shopper is required to supply a one-time authentication code received on their phone (something the shopper has), and a password that only the shopper knows (something the shopper knows).