3 4 5 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

What is SCA – Strong Authentication

SCA - Strong AuthenticationDefinition:

The Strong Customer Authentication (SCA) is a new regulation for the verification of online payments, applicable throughout the European Union since September 2019, whose objective is to raise the protection of users of Ecommerce and pages web and in this way avoid possible dangers such as theft of credentials with the consequent risk of unauthorized transfers of funds.

How SCA Works

The SCA raises the levels of authentication necessary when making an electronic payment (so it will not only include online payments but also certain payments made in physical stores such as contactless card payments).

To make the payment, the use of at least two of the following three authentication elements based on possession, knowledge and inherencewill be mandatory:

  • Something known to the user as a password
  • Something the user owns, such as their smartphone
  • An inherent element of the user such as their fingerprint.

It is important to mention that these elements must be independent of each other so that if one of them fails it is not possible to authenticate illegitimately with the others.

From the confirmation of these elements we will obtain a one-time authentication code with which to finish the confirmation of the payment. It is guaranteed that this code is impossible to falsify and that from it it is not possible to extract any information about the authentication elements.

SCA Exceptions

The SCA will not apply in all cases but for certain operations these will be exempt from the application of these protocols. Exemptions include:

    • Payment terminals not served in transport and car parks
    • The Point of Sale (POS) terminals of Contactless System for a maximum of 5 individual payments accumulated for an amount less than € 150 and provided that none of the individual payments exceeds € 50.
    • Payments of less than 30€.
    • Payments made between companies through B2B methods.
    • Credit transfers between accounts of the same holder.
    • Those included in lists of trusted beneficiaries.

Consequences of the implementation of the SCA

As far as the user is concerned, it seems that almost everything will be advantages, this will be more protected against future frauds and scams and ultimately increase their confidence when making online payments.

However, the implementation of the measure has caught many companies and businesses by surprise, generally SMEs; which are not yet prepared to guarantee the application of the measure to customers, in addition, there are multiple studies that estimate the losses in the first year of implementation of the measure in billions of euros.

Frequently asked questions about SCA – Strong Authentication

What is SCA – Strong Authentication?

Definition: The Strong Customer Authentication (SCA) is a new regulation for the verification of online payments, applicable throughout the European Union since September 2019, whose objective is to raise the protection of users of Ecommerce and pages web and in this way avoid possible dangers such as theft of credentials with the consequent risk of unauthorized transfers of funds. How SCA Works The SCA raises In the Arimetrics glossary it is placed in a digital marketing context to clarify its role, uses and practical implications.

What is SCA – Strong Authentication used for in digital marketing?

It is used to better analyse an action, tool, channel or behaviour related to acquisition, measurement, communication, sales or user experience. Its value depends on applying it to a concrete decision.

How is SCA – Strong Authentication related to a digital strategy?

It is related to digital strategy when it affects objectives, data, content, technology, campaigns or conversion processes. That is why it should be reviewed together with the business context, not as an isolated term.

What should be considered when working with SCA – Strong Authentication?

It is advisable to review its definition, context, associated metrics, limitations and possible risks. It is also useful to validate whether the concept has a real impact on performance, user experience or decision-making.