Planning Your SCA Migration

    Learn how to update your integration to avoid declined payments due to Strong Customer Authentication (SCA).

    Updating your integration to support Strong Customer Authentication consists of the following steps:

    1. Identify your payment flow
    2. Determine your integration path
    3. Implement the new integration path
    4. Test dynamic authentication

    Start updating your integration today. Once your integration is live, 3D Secure authentication is displayed when required by SCA.

    Step 1: Identify your payment flow

    First, identify the payment flow that most closely matches your business. Read more about various flows to design a payment flow for SCA.

    Payment flow Description Example Business Scenario
    One-time payments You charge the customer’s cards immediately after they confirm payment. E-commerce
    Recurring payments You charge the customer on a recurring basis. Gym membership for fixed-amount recurring charges, or utility bill for metered billing
    Payments with separate authorize and capture within 7 days. You separately authorize and capture card payments within 7 days after the customer confirms payment. Ridesharing
    Payment captured more than seven days after authorization. You charge the customer's card more than 7 days after they submit payment details. Crowdfunding, or car rental if final amount may change.
    Other off-session payments You save the customer’s cards and charge some time later when the customer is not available to complete authentication. N/A

    Step 2: Determine your integration path

    Choose an integration option based on your payment flow below:

    Step 3: Implement the new integration path

    You will need to make server-side and client-side changes.

    Server-side

    Creating a charge directly through the Charges API is not SCA-ready. Instead, use the Payment Intents API to create a payment. A PaymentIntent tracks the lifecycle of a customer checkout flow and triggers additional authentication steps when required by SCA.

    Follow the migration guide to learn how to migrate from the Charges API to the Payment Intents API.

    Client-side

    In order to dynamically display 3D Secure authentication for card payments, client-side changes are also required alongside server-side changes for the Payment Intents API.

    Follow the guides to learn how to use the Payment Intents API with Stripe.js & Elements, iOS, and Android.

    Using Stripe Checkout

    Follow the guides to integrate Checkout for one-time and recurring payments.

    Step 4: Test dynamic authentication

    To verify that your updated integration handles 3D Secure correctly, be sure to test both successful and unsuccessful authentication flows, using the regulatory test cards.

    By default, 3D Secure authentication is only shown when the customer’s bank requires it, so your checkout conversion is not negatively affected. As of September 14, 2019, your updated integration displays the 3D secure authentication flow automatically whenever required by SCA.

    Next steps

    Was this page helpful?

    Thank you for helping improve Stripe's documentation. If you need help or have any questions, please consider contacting support.

    On this page