{"title":"PSD2 SCA compliance guide","category":"default","creationDate":1676995080,"content":"<p>The information we provide in this guide can help you prepare for PSD2 SCA compliance using 3D Secure. However, the information here should not be taken as legal advice. This guide supplements the following sources:<\/p>\n<ul>\n<li>Regulatory guidance provided by official domestic authorities.<\/li>\n<li>Card scheme regulations.<\/li>\n<li>EMVCo specifications for the 3D Secure 2 protocol.<\/li>\n<\/ul>\n<h2>Requirements<\/h2>\n<p>Before you begin, take into account the following requirements:<\/p>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: left;\">Requirement<\/th>\n<th style=\"text-align: left;\">Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: left;\"><strong>Integration type<\/strong><\/td>\n<td style=\"text-align: left;\">An <a href=\"\/pt\/online-payments\/build-your-integration\">online payments integration<\/a>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>What is PSD2?<\/h2>\n<p>The Revised Payment Services Directive (PSD2) is the latest version of the Payment Services Directive, a European regulation requiring strong customer authentication (SCA) to make online payments in the <a href=\"https:\/\/en.wikipedia.org\/wiki\/European_Economic_Area\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">European Economic Area (EEA)<\/a> more secure.<\/p>\n<p>PSD2 is for banks, not for merchants. This means that to comply with the law in their home country\/region, issuing banks must refuse non-compliant transactions. To avoid the risk of issuing banks refusing your transactions, you as a merchant need to ensure that your transactions comply with PSD2 SCA regulations.<\/p>\n<h3>What do I need to do to comply with PSD2 SCA?<\/h3>\n<p>PSD2 requires you to perform strong customer authentication (SCA) on <a href=\"#are-my-payments-affected\">affected transactions<\/a>. Our recommended way of applying SCA is implementing <a href=\"\/pt\/online-payments\/3d-secure\">3D Secure<\/a>. Both 3D Secure 1 and 3D Secure 2 are compliant methods for applying SCA.<\/p>\n<p>For more information, refer to <a href=\"\/pt\/online-payments\/psd2-sca-compliance-and-implementation-guide\/sca-options\">Implement SCA compliance<\/a>.<\/p>\n<h2 id=\"are-my-payments-affected\">Are my payments affected?<\/h2>\n<p>Your payments fall within PSD2 SCA scope if <em>both<\/em> your acquiring processing entity and your customer's issuer processing entity are in the European Economic Area (EEA), Monaco, Switzerland, or the UK.<\/p>\n<div class=\"accordion-shortcode adl-accordion adl-accordion--max-height-transition\" data-expand=\"true\" data-ignore=\"anchorjs-link\">\n    \n    <div class=\"adl-accordion__item\" style=\"border: none !important;\">\n        <div tabindex=\"0\" role=\"item\" aria-expanded=\"false\" class=\"adl-accordion__header\">\n            <i class=\"adl-accordion__toggle adl-icon-chevron-down\"><\/i>\n            <div class=\"adl-accordion__title-wrapper\" data-accordion=\"#sca-countries-and-regions\">\n                                    <h4 class=\"adl-accordion__title\">SCA countries and regions<\/h4>\n                            <\/div>\n        <\/div>\n        <div role=\"region\" class=\"adl-accordion__content\">\n            \n<ul>\n<li>Austria<\/li>\n<li>Belgium<\/li>\n<li>Bulgaria<\/li>\n<li>Croatia<\/li>\n<li>Republic of Cyprus<\/li>\n<li>Czech Republic<\/li>\n<li>Denmark<\/li>\n<li>Estonia<\/li>\n<li>Finland<\/li>\n<li>France<\/li>\n<li>Germany<\/li>\n<li>Greece<\/li>\n<li>Hungary<\/li>\n<li>Iceland<\/li>\n<li>Ireland<\/li>\n<li>Italy<\/li>\n<li>Latvia<\/li>\n<li>Liechtenstein<\/li>\n<li>Lithuania<\/li>\n<li>Luxembourg<\/li>\n<li>Malta<\/li>\n<li>Monaco<\/li>\n<li>Netherlands<\/li>\n<li>Norway<\/li>\n<li>Poland<\/li>\n<li>Portugal<\/li>\n<li>Romania<\/li>\n<li>Slovakia<\/li>\n<li>Slovenia<\/li>\n<li>Spain<\/li>\n<li>Sweden<\/li>\n<li>Switzerland<\/li>\n<li>United Kingdom<\/li>\n<\/ul>\n<div class=\"notices green\">\n<p>If your business is located in <strong>Switzerland<\/strong>, your acquiring processing entity is in the EEA, as funds will be acquired by Adyen's European entity, located in the Netherlands.<\/p>\n<\/div>\n\n        <\/div>\n    <\/div>\n<\/div>\n\n<p>To determine your obligations, answer the questions on the following pages, beginning with:<\/p>\n<h3 id=\"is-my-business-located-in-one-of-the-above-countries\">Is my business located in one of the in-scope countries\/regions for SCA compliance?<\/h3>\n<div class=\"next-steps\" id=\"next-steps\" >\n<a href=\"\/online-payments\/psd2-sca-compliance-and-implementation-guide\/customers\" class=\"next-steps__step\" style=\"width:45%;\" target=\"_self\"><p class=\"next-steps__body\"><div style=\"text-align: center;\"><p><img alt=\"A checkmark\" src=\"\/user\/pages\/docs\/02.online-payments\/51.psd2-sca-compliance-and-implementation-guide\/checkmark.svg?decoding=auto&amp;fetchpriority=auto\"><\/p><h6 class=\"next-steps__title\">Yes<\/h6><p>My business is located in the EEA, Monaco, Switzerland, or the UK.<\/p><\/div><\/p><\/a><a href=\"\/online-payments\/psd2-sca-compliance-and-implementation-guide\/business-models\/out-of-scope-transactions\" class=\"next-steps__step\" style=\"width:45%;\" target=\"_self\"><p class=\"next-steps__body\"><div style=\"text-align: center;\"><p><img alt=\"An X\" src=\"\/user\/pages\/docs\/02.online-payments\/51.psd2-sca-compliance-and-implementation-guide\/close.svg?decoding=auto&amp;fetchpriority=auto\"><\/p><h6 class=\"next-steps__title\">No<\/h6><p>My business is not located in the EEA, Monaco, Switzerland, or the UK.<\/p><\/div><\/p><\/a><\/div>\n","url":"https:\/\/docs.adyen.com\/pt\/online-payments\/psd2-sca-compliance-and-implementation-guide","articleFields":{"description":"Learn about the Revised Payment Services Directive for strong customer authentication.","last_edit_on":"21-02-2023 16:58","feedback_component":true,"page_id":"d663e77a-bf3b-48c9-950c-0ddf3139f586","filters_component":false,"decision_tree":"[]","parameters":{"switch":"business"}},"algolia":{"url":"https:\/\/docs.adyen.com\/pt\/online-payments\/psd2-sca-compliance-and-implementation-guide","title":"PSD2 SCA compliance guide","content":"The information we provide in this guide can help you prepare for PSD2 SCA compliance using 3D Secure. However, the information here should not be taken as legal advice. This guide supplements the following sources:\n\nRegulatory guidance provided by official domestic authorities.\nCard scheme regulations.\nEMVCo specifications for the 3D Secure 2 protocol.\n\nRequirements\nBefore you begin, take into account the following requirements:\n\n\n\nRequirement\nDescription\n\n\n\n\nIntegration type\nAn online payments integration.\n\n\n\nWhat is PSD2?\nThe Revised Payment Services Directive (PSD2) is the latest version of the Payment Services Directive, a European regulation requiring strong customer authentication (SCA) to make online payments in the European Economic Area (EEA) more secure.\nPSD2 is for banks, not for merchants. This means that to comply with the law in their home country\/region, issuing banks must refuse non-compliant transactions. To avoid the risk of issuing banks refusing your transactions, you as a merchant need to ensure that your transactions comply with PSD2 SCA regulations.\nWhat do I need to do to comply with PSD2 SCA?\nPSD2 requires you to perform strong customer authentication (SCA) on affected transactions. Our recommended way of applying SCA is implementing 3D Secure. Both 3D Secure 1 and 3D Secure 2 are compliant methods for applying SCA.\nFor more information, refer to Implement SCA compliance.\nAre my payments affected?\nYour payments fall within PSD2 SCA scope if both your acquiring processing entity and your customer's issuer processing entity are in the European Economic Area (EEA), Monaco, Switzerland, or the UK.\n\n    \n    \n        \n            \n            \n                                    SCA countries and regions\n                            \n        \n        \n            \n\nAustria\nBelgium\nBulgaria\nCroatia\nRepublic of Cyprus\nCzech Republic\nDenmark\nEstonia\nFinland\nFrance\nGermany\nGreece\nHungary\nIceland\nIreland\nItaly\nLatvia\nLiechtenstein\nLithuania\nLuxembourg\nMalta\nMonaco\nNetherlands\nNorway\nPoland\nPortugal\nRomania\nSlovakia\nSlovenia\nSpain\nSweden\nSwitzerland\nUnited Kingdom\n\n\nIf your business is located in Switzerland, your acquiring processing entity is in the EEA, as funds will be acquired by Adyen's European entity, located in the Netherlands.\n\n\n        \n    \n\n\nTo determine your obligations, answer the questions on the following pages, beginning with:\nIs my business located in one of the in-scope countries\/regions for SCA compliance?\n\nYesMy business is located in the EEA, Monaco, Switzerland, or the UK.NoMy business is not located in the EEA, Monaco, Switzerland, or the UK.\n","type":"page","locale":"pt","boost":18,"hierarchy":{"lvl0":"Home","lvl1":"Online payments","lvl2":"PSD2 SCA compliance guide"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/pt","lvl1":"https:\/\/docs.adyen.com\/pt\/online-payments","lvl2":"\/pt\/online-payments\/psd2-sca-compliance-and-implementation-guide"},"levels":3,"category":"Online Payments","category_color":"green","tags":["compliance","guide"]},"articleFiles":{"checkmark.svg":"<img alt=\"\" src=\"https:\/\/docs.adyen.com\/user\/pages\/docs\/02.online-payments\/51.psd2-sca-compliance-and-implementation-guide\/checkmark.svg?decoding=auto&amp;fetchpriority=auto\" \/>","close.svg":"<img alt=\"\" src=\"https:\/\/docs.adyen.com\/user\/pages\/docs\/02.online-payments\/51.psd2-sca-compliance-and-implementation-guide\/close.svg?decoding=auto&amp;fetchpriority=auto\" \/>","puzzle.svg":"<img alt=\"\" src=\"https:\/\/docs.adyen.com\/user\/pages\/docs\/02.online-payments\/51.psd2-sca-compliance-and-implementation-guide\/puzzle.svg\" \/>","q&a.svg":"<img alt=\"\" src=\"https:\/\/docs.adyen.com\/user\/pages\/docs\/02.online-payments\/51.psd2-sca-compliance-and-implementation-guide\/q&amp;a.svg\" \/>"}}