Written by Modulr | Jul 24, 2025 11:00:00 PM
Strong Customer Authentication (SCA) is a security requirement under PSD2 that mandates multi-factor authentication for online transactions. This helps to reduce fraud and enhance payment security. There are several notable exemptions, such as when the payer and payee are the same person, where both accounts are held by the same service provider, or where transactions are initiated by businesses through a secured dedicated payment protocol. Strong Customer Authentication (SCA) is a requirement of the EU Revised Directive on Payment Services applicable to payment service providers within the European Economic Area (EEA). The requirement ensures that electronic payments are performed with multi-factor authentication (at least two of: something you have (e.g. a mobile device), something you know (e.g. a password), something you are (a biometric e.g. a fingerprint)), to increase the security of electronic payments. Examples of SCA are 3D Secure for online card payments, secure access to payment accounts and secure initiation of account-to-account payments.