Strong Customer Authentication

    Learn how the Strong Customer Authentication regulation affects your business and how to update your integration to prepare for it.

    Strong Customer Authentication (SCA), a new rule coming into effect on September 14, 2019 as part of PSD2 regulation in Europe, will require changes to how your European customers authenticate online payments. Card payments will require a different user experience, namely 3D Secure, in order to meet SCA requirements. Transactions that don’t follow the new authentication guidelines may be declined by your customers’ banks.

    To prepare for SCA, you should:

    1. Determine if your business is impacted

    2. Decide which one of our new SCA-ready products is right for your business
    3. Make changes before September 14, 2019 in order to avoid declined payments

    Impacted businesses and payments

    You will need to prepare for SCA and update your Stripe integration if all of the following apply:

    • Your business is based in the European Economic Area (EEA)
    • You serve customers in the EEA
    • You accept cards (credit or debit)

    While some low-risk transactions will not require authentication, banks can choose to not honor these exemptions and request that the customer complete authentication. Even if you’re primarily processing low-risk transactions, you should update your integration so your customers can complete authentication when requested by the bank. Stripe’s new products and APIs help you claim these exemptions and maximize conversion by only requesting authenticatation when absolutely necessary.

    SCA-ready products and APIs

    Stripe has prepared pre-built and customizable solutions to help you prepare for SCA. You will need to update your integration to support 3D Secure 2 before September 14, 2019. Integrations that are not SCA-ready, such as ones that use the Charges API, will start seeing high rates of declines on September 14, 2019.

    With Checkout and Billing, since Stripe manages the end-to-end experience, we can update your integration to prepare for future regulations with minimal changes required by you.

    Checkout

    Use Stripe’s new version of Checkout—a pre-built, Stripe-hosted checkout flow that automatically handles SCA requirements for you. Checkout is customizable and lets you accept payments for one-time purchases and subscriptions on your website.

    Billing

    For businesses accepting recurring payments, Stripe Billing identifies which subscription charges require authentication and sends customizable emails to subscribers when additional authentication is needed.

    Payment Intents API

    For businesses that want to customize their checkout experience, custom SCA-ready flows can be built with the new Payment Intents API along with Elements, Stripe.js, and the iOS/Android SDKs.

    Read the SCA Migration Guide to learn more about which products are best suited for you. For specific product recommendations based on common business scenarios, check out the SCA Payment Flows Guide.

    Questions?

    We're always happy to help with code or other questions you might have. Search our documentation, contact support, or connect with our sales team. You can also chat live with other developers in #stripe on freenode.

    Was this page helpful? Yes No

    Send

    Thank you for helping improve Stripe's documentation. If you need help or have any questions, please consider contacting support.

    On this page