Strong Customer Authentication readiness

Learn how the Strong Customer Authentication regulation affects your business and how to update your integration to support it.

Strong Customer Authentication (SCA) is a European regulation that came into effect on September 14, 2019, as part of the PSD2 directive. It requires changes to how your European customers authenticate online card payments.

To comply with SCA, you must use for card transactions. Banks may decline payments that don't follow these authentication requirements.

To support SCA:

  1. Determine if SCA impacts your business - Check the requirements below
  2. Choose an SCA-ready product - Review implementation options
  3. Update your integration - Follow the integration guide to avoid declined payments

Which businesses must comply with SCA?

Update your Onerway integration to support SCA if all of the following apply:

  • Based in the (EEA)
  • Serving customers in the EEA
  • Accepting card payments (credit or debit)

Banks can require authentication even for low-risk transactions. Although some transactions may qualify for based on fraud rates, you should still update your integration to support authentication when requested.

How to implement SCA with Onerway products

Whether you charge one-time payments or save card information for later use, Onerway provides prebuilt and customizable products to help you meet SCA requirements.

Integrations that aren't SCA-ready, like those using hosted checkout or legacy JS SDK, might see high rates of declines from banks that enforce SCA.

One-time payments

Accept card payments with the Payments APIPayments API and CheckoutPayments API. Both products allow merchants to customize 3D Secure authentication policies based on their risk management needs.

  • Checkout: A prebuilt, Onerway-hosted checkout flow that automatically handles SCA requirements. Merchants can customize 3D Secure (3DS) policies.
  • Payments API: Allows merchants to customize SCA authentication and build custom payment flows with full control over 3DS policies.

Payment authentication flow

Reusing cards

Save a card for later reuse with the Payments APIPayments API and the SDK. You can also use Checkout to automatically handle SCA requirements, or use Billing to handle SCA for .

For subscription payments, Onerway enforces 3D Secure authentication on the first payment to ensure compliance with SCA requirements. Subsequent recurring payments can use exemptions.

Custom 3D Secure integration

Onerway supports custom 3D Secure (3DS) integration for businesses with:

  • Complete risk control capabilities
  • PCI DSS compliance qualifications

With custom 3DS, you can:

  • Integrate 3DS services yourself
    • Pass authentication results to Onerway via the SDK
  • Complete transactions using your risk assessment

Learn more about custom 3DS integration.

3DS 2.0 Authentication

An authentication protocol designed to reduce fraud and provide additional security for online payments

Overview

Learn about disputes, how they work, and what you can do to prevent them.