SCA

Strong Customer Authentication (SCA) is a European regulatory requirement introduced under the Revised Payment Services Directive (PSD2) to make online payments more secure and reduce fraud. It mandates that electronic payments must be verified using two or more independent authentication factors from the following categories: something the customer knows (like a password or PIN), something the customer has (such as a phone or hardware token), and something the customer is (biometric data like a fingerprint or facial recognition). SCA applies to most electronic transactions within the European Economic Area (EEA) and is enforced by payment providers and banks to ensure that customers are genuinely authorising each transaction.