{"id":21477,"date":"2020-01-29T15:44:27","date_gmt":"2020-01-29T15:44:27","guid":{"rendered":"https:\/\/www.arimetrics.com\/glosario-digital\/sca-strong-authentication"},"modified":"2023-10-25T12:45:27","modified_gmt":"2023-10-25T12:45:27","slug":"sca-strong-authentication","status":"publish","type":"encyclopedia","link":"https:\/\/www.arimetrics.com\/en\/digital-glossary\/sca-strong-authentication","title":{"rendered":"SCA &#8211; Strong Authentication"},"content":{"rendered":"<p><strong><img decoding=\"async\" class=\"boxpad alignright wp-image-14878 size-full\" src=\"https:\/\/www.arimetrics.com\/wp-content\/uploads\/2020\/01\/sca.jpg\" alt=\"SCA - Strong Authentication\" width=\"300\" height=\"300\" srcset=\"https:\/\/www.arimetrics.com\/wp-content\/uploads\/2020\/01\/sca.jpg 300w, https:\/\/www.arimetrics.com\/wp-content\/uploads\/2020\/01\/sca-150x150.jpg 150w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>Definition:<\/strong><\/p>\n<p>The <b>Strong Customer Authentication (SCA)<\/b> is a new <b>regulation <\/b>for the verification of online payments, applicable throughout the European Union since September 2019, whose objective is to raise the protection of users of <a href=\"https:\/\/www.arimetrics.com\/en\/digital-glossary\/ecommerce\">Ecommerce <\/a>and pages web and in this way avoid possible dangers such as theft of credentials with the consequent risk of unauthorized transfers of funds.<\/p>\n\n<h2 class=\"indexed\"><span class=\"heading_text\">How SCA Works<\/span><\/h2>\n<p>The <b>SCA <\/b>raises the levels of authentication necessary when making an electronic payment (so it will not only include online payments but also certain payments made in physical stores such as <a href=\"https:\/\/www.arimetrics.com\/en\/digital-glossary\/contactless\">contactless<\/a> card payments).<\/p>\n<p>To make the payment, the use of at least two of the following three authentication elements based on <b>possession,<\/b> <b>knowledge<\/b> and <b>inherence<\/b>will be mandatory:<\/p>\n<ul>\n<li>Something known to the user as a password<\/li>\n<li>Something the user owns, such as their smartphone<\/li>\n<li>An inherent element of the user such as their fingerprint.<\/li>\n<\/ul>\n<p>It is important to mention that these elements must be independent of each other so that if one of them fails it is not possible to authenticate illegitimately with the others.<\/p>\n<p>From the confirmation of these elements we will obtain a one-time <b>authentication code <\/b>with which to finish the confirmation of the payment. It is guaranteed that this code is impossible to falsify and that from it it is not possible to extract any information about the authentication elements.<\/p>\n<h2 class=\"indexed\"><span id=\"excepciones-de-la-sca\" class=\"anchor\"><\/span><span class=\"heading_text\">SCA Exceptions<\/span><\/h2>\n<p>The SCA will not apply in all cases but for certain operations these will be<b> exempt from <\/b>the application of these protocols. Exemptions include:<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>Payment <b>terminals not served<\/b> in transport and car parks<\/li>\n<li>The <b>Point of Sale (POS) terminals<\/b> of Contactless System for a maximum of 5 individual payments accumulated for an amount less than \u20ac 150 and provided that none of the individual payments exceeds \u20ac 50.<\/li>\n<li>Payments of less than 30\u20ac.<\/li>\n<li><b>Payments made between companies<\/b> through B2B methods.<\/li>\n<li><b>Credit transfers between accounts of the same holder.<\/b><\/li>\n<li>Those included in lists of <strong>trusted beneficiaries.<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2 class=\"indexed\"><span id=\"consecuencias-de-la-implantacion-de-la-sca\" class=\"anchor\"><\/span><span class=\"heading_text\">Consequences of the implementation of the SCA<\/span><\/h2>\n<p>As far as the <b>user<\/b> is concerned, it seems that almost everything will be advantages, this will be more protected against future frauds and scams and ultimately increase their confidence when making online payments.<\/p>\n<p>However, the implementation of the measure has caught many companies and businesses by surprise, generally <b> SMEs<\/b>; which are not yet prepared to guarantee the application of the measure to customers, in addition, there are multiple studies that estimate the losses in the first year of implementation of the measure in billions of euros.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Definition: The Strong Customer Authentication (SCA) is a new regulation for the verification of online payments, applicable throughout the European Union since September 2019, whose objective is to raise the protection of users of Ecommerce and pages web and in this way avoid possible dangers such as theft of credentials with the consequent risk of [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"template":"","encyclopedia-tag":[],"class_list":["post-21477","encyclopedia","type-encyclopedia","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.arimetrics.com\/en\/wp-json\/wp\/v2\/encyclopedia\/21477","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.arimetrics.com\/en\/wp-json\/wp\/v2\/encyclopedia"}],"about":[{"href":"https:\/\/www.arimetrics.com\/en\/wp-json\/wp\/v2\/types\/encyclopedia"}],"author":[{"embeddable":true,"href":"https:\/\/www.arimetrics.com\/en\/wp-json\/wp\/v2\/users\/7"}],"wp:attachment":[{"href":"https:\/\/www.arimetrics.com\/en\/wp-json\/wp\/v2\/media?parent=21477"}],"wp:term":[{"taxonomy":"encyclopedia-tag","embeddable":true,"href":"https:\/\/www.arimetrics.com\/en\/wp-json\/wp\/v2\/encyclopedia-tag?post=21477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}