Sign in
An image of the Stripe logo
Create account
Sign in
Home
Payments
Business operations
Financial services
Developer tools
Security
All products
Home
Payments
Business operations
Home
Payments
Business operations
Financial services
Developer tools
Support
Overview
SCA readiness
Update your integration
Plugins
Previous authorization agreements
SCA enforcement
India recurring payments
Testing
No-code options
HomePaymentsSCA readiness

Previous authorization agreements

Learn which payments previous authorization agreements can be used for (sometimes referred to as grandfathering).

If you’re affected by SCA, update your Stripe integration now, even if some of your payments can use previous authorization agreements. Stripe provides migration guides to help.

Eligibility

Strong Customer Authentication requires an additional step of customer authentication, but sometimes you collect payments when your customer isn’t actively using your application. Even if they authenticated in the past, SCA may require your customer to come back online and re-authenticate. To reduce friction in these off-session payments, Stripe APIs enable upfront authentication—so you can authenticate your customer on-session once and reuse the card off-session repeatedly. As of September 14, 2019, you need to use these APIs to reduce the chance of failed payments when reusing cards or creating subscriptions and invoices.

However, you can use previous authorization agreements for off-session payments that meet the following criteria:

  • Cards from EU customers saved before December 31, 2020
  • Cards from UK customers saved before September 14, 2021

This means you don’t have to use Stripe’s new APIs to set up saved cards again, and your off-session payments can proceed normally—without re-authentication from customers.

How it works

You can use previous authorization agreements for all off-session payments that meet both of these conditions, regardless of payment amount and frequency:

  • You saved the card details before the eligibility cutoff
  • You explicitly tell Stripe the transaction is off-session

Stripe automatically looks for a transaction made with the card prior to the eligibility cutoff. If found, Stripe uses the previous authorization agreement for the current transaction. If the bank accepts the previous authorization agreement, the transaction is categorized as out of scope for SCA and can proceed without additional authentication.

If the bank declines the previous authorization agreement, it’s like any other PaymentIntent failing the confirmation step. The PaymentIntent’s status changes to requires_payment_method, and you have to notify your customer to complete the payment.

Saving cards after the eligibility period

Now that SCA has taken effect, save and reuse cards with the Payment Intents and Setup Intents APIs to qualify for off-session exemptions. You can also save cards using Stripe Checkout.

Preparing your saved cards for SCA

For Stripe to reuse authorization agreements, you need to use PaymentIntents and tell Stripe the payment is off-session.

How you saved the card before the eligibility cutoff
What to do after the eligibility period
By passing a token, source, or payment method to the CustomerCreate a PaymentIntent with off-session flag
By creating a SetupIntent or using setup_future_usage in a PaymentIntentCreate a PaymentIntent with off-session flag

For subscriptions and invoices managed with Stripe Billing, refer to the Billing SCA guide.

Next steps

  • Payment Intents Overview
  • Payment Intents Migration Guide
Was this page helpful?
Questions? Contact us.
View developer tutorials on YouTube.
Check out our product changelog.
Powered by Markdoc
You can unsubscribe at any time. Read our privacy policy.
On this page
Eligibility
How it works
Saving cards after the eligibility period
Preparing your saved cards for SCA
Next steps
Stripe Shell
Test mode
▗▄ ▄▟█ █▀▀ ▗▟████▙▖ ██████ ███▗▟█ ███ ███▗▟██▙▖ ▗▟█████▙▖ ███▖ ▀▀ ███ ███▀▀▀ ███ ███▀ ███ ███ ███ ▝▜████▙▖ ███ ███ ███ ███ ███ █████████ ▄▄ ▝███ ███ ▄ ███ ███ ███▄ ███ ███ ▄▄ ▝▜████▛▘ ▝▜███▛ ███ ███ ███▝▜██▛▘ ▝▜█████▛▘ ███ ▀▘
Welcome to the Stripe Shell! This is a graphical user interface of the Stripe CLI. You can use it to discover webhook events and manage your Stripe resources. By pressing ctrl + ` you can toggle it open from any page within the Stripe documentation. - View supported commands: - Listen for webhook events: - Trigger webhook events: - Call Stripe APIs: stripe [api resource] [api operation] (e.g. )
The Stripe Shell is best experienced on desktop.
$