× FreshBooks App Logo
FreshBooks
Official App
Free - Google Play
Get it
You're currently on our US site. Select your regional site here:
Back
Try It Free Login
Contact Us

Call Toll Free: 1.866.303.6061

1-888-674-3175

Try It Free Login
Login Try it Free
1.866.303.6061 1-888-674-3175 Contact Us Try It Free Login
4 Min. Read

What Is SCA? (Strong Customer Authentication)?

August 3, 2021
What Is SCA? (Strong Customer Authentication)?

In the modern-day, there is a litany of different ways and methods for a consumer or business to make a payment.

Itā€™s a far-flung cry from the days of cash as king. A recent study has revealed that cash payments represented just 19% of all transactions in the US in 2020.

Nowadays, itā€™s far more common to see people paying with credit cards and debit cards, or hardware such as smartphones with digital wallets.

But with these new methods, come new ways for people to fraudulently access and use other peopleā€™s hard-earned funds.

Thatā€™s where SCA comes in.

But what exactly is SCA? Weā€™ll take a closer look.

Hereā€™s What Weā€™ll Cover:

What Is SCA?

Are American Businesses Affected By SCA?

Is SCA a Good Thing?

Will SCA Be Applied to Every Transaction?

Key Takeaways

What Is SCA?

Strong Customer Authentication, or SCA, is a new European regulation that is designed to help prevent online transaction fraud.

It works by forcing banks to require additional user authentication. They will need this information before they can authorize any payments.

The requirements that SCA requires are similar to the popular two-factor authentication method. But SCAā€™s requirements are more complicated and slightly stricter.

https://www.freshbooks.com/signup

For a bank or service provider to authorize a payment, then a customer must first authenticate the payment. They can do this by using at least two of the three following factors:

  • Something they have (a mobile phone or hardware token)
  • Something they know (such as a debit card PIN number or a password)
  • Something they are (something unique to them such as facial recognition or their fingerprint)

These levels of authentication make it far more difficult for criminals or scammers to commit fraud.

Any bank or service provider that doesnā€™t receive at least two of the above authentication factors must refuse to process the payment.

Are American Businesses Affected By SCA?

SCA is a European regulation. So all businesses that are based in the European Economic Area (EEA) will need to comply with the rules.

Businesses based in the U.S. that process transactions from cards based in the EEA are not subject to the rules that SCA implements.

Yet, many American banks and businesses are changing their current authentication process.

This is to avoid potential transaction declined from banks in Europe. They also have an eye on minimizing the impact of fraud attempts on their business.

Banks such as J.P. Morgan and Bank of America have already started to use the SCA model and many are expected to follow.

If your business deals with Europe in any capacity, then you shouldnā€™t ignore the SCA requirements. If you do, you could end up with a large amount of declined transactions and a potential loss of business.

Is SCA a Good Thing?

Many will point to the benefits of SCA outweighing any potential negative factors.

With SCA regulations in place, it will be far more difficult for both consumers and businesses to be subject to scams or fraud. This means that online shopping and transactions will become far safer.

However, some e-Commerce businesses are wary of the potential effects that SCA will have on their businesses.

They believe that SCA will add friction to the customer experience. This, in turn, could lead to higher rates of ā€œcart abandonmentā€ by customers. They think shoppers will get frustrated with the layers of authentication they will be required to go through.

They worry that any savings they may make from the decreased fraudulent activity will be offset by their lower conversion rates.

Will SCA Be Applied to Every Transaction?

Under the current EEA legislation, a payment provider is allowed to do a risk analysis on each transaction to determine whether or not to apply SCA.

This tends to only be possible if the payment providerā€™s or bankā€™s fraud rates for card payments do not exceed the following thresholds:

  • 0.13% to exempt transactions below ā‚¬100
  • 0.06% to exempt transactions below ā‚¬250
  • 0.01% to exempt transactions below ā‚¬500

It is possible that any U.S. bank or payment provider could implement a similar system.

Key Takeaways

With SCA looming large in Europe, it is yet to be seen if this will be fully adopted by U.S. banks and businesses.

We live in a world that is heading further and further towards online banking and online transactions. Therefore any form of payment protection should be welcomed.

Though the question to be asked is whether we would prefer security or convenience.

Are you looking for more business advice on everything from starting a new business to new business practices?


Then check out our FreshBooks resource hub.

RELATED ARTICLES

Save Time Billing and Get Paid 2x Faster With FreshBooks

Try FreshBooks Free Contact Sales