Ask me anything: Strong Customer Authentication

Our Senior Product Lead for the Core Payments Group, Milena Shishkova, recently held an ask me anything session focusing on the ramp-up of SCA across Europe. Here's a recap of the event and the on-demand recording.

With the ramp-up of Strong Customer Authentication (SCA) rules gathering pace in the UK and across the European Economic Area (EEA), everybody involved in the payment ecosystem is paying close attention to its impact on payment performance.

In a special ask me anything virtual event, held on Wednesday 17 March, our Senior Product Lead for the Core Payments Group and SCA guru, Milena Shishkova, provided an overview of the trends we’ve seen in the first two months of SCA enforcement and answered questions from merchants in attendance. 

Here's the on-demand recording of the session and a selection of key takeaways. 


Key takeaways: 

  1. A merchant or issuer can initiate an SCA exemption, but the issuer will always have the final authority to challenge the transaction or not. 
  2. If a merchant initiates an exemption that the issuer accepts, the merchant will be deemed liable should the transaction be fraudulent. Issuers are liable for fraudulent transactions if they initiate an exemption for a transaction that is found to be fraudulent and when they mistakenly authenticate a fraudulent transaction. 
  3. Most Payment Service Providers (PSPs) and issuers currently support exemptions in the authorization flow. In the future, most will also support exemptions in the authentication flow once they have adopted the 2.2 protocol. 
  4. Every market, and every issuer within each market, interprets and implements SCA rules differently, meaning that we see different performance levels across Europe. We also see instances of issuers incorrectly implementing SCA logic, leading to transactions being wrongly challenged and soft declined. This occurred recently in several markets but was quickly resolved by the schemes. If merchants notice this happening, they should flag the issue to their PSP. 
  5. According to Mastercard data, the average authentication only success rate across EEA and the UK for March is 79.5% — a slight decrease from the 81.1% success rate seen in February. 

Find out how we can support your business to make the most of Strong Customer Authentication. Get in touch with one of our experts.

Keep up-to-date with all things payments

We process your personal data in accordance with Checkout.com's privacy policy. By subscribing, you consent to us sharing updates with you.

Keep up-to-date with all things payments

The Checkout.com team

Written on Mar 24, 2021 by

Checkout.com

Keep up-to-date with all things payments

We process your personal data in accordance with Checkout.com's privacy policy. By subscribing, you consent to us sharing updates with you.

Keep up-to-date with all things payments

The Checkout.com team

Related articles

payments

6 min read

When should merchants prepare for soft declines with SCA?

Soft declines will rise with Strong Customer Authentication. But exactly when will be different for each country. 

payments

3 min read

Exemptions to SCA 

Here we look at which payments are out of the scope of Strong Customer Authentication and which ones will need exemptions.

payments

5 min read

The early impact of Strong Customer Authentication on payments across Europe

Strong Customer Authentication (SCA) rules came into force across the European Economic Area (EEA) on 31 December 2020. We take a look at the initial impact on payments in Europe.