Vincent
Created: January 31, 2025
Updated: February 2, 2025
Do you want to learn more?
Read full blog postStrong Customer Authentication (SCA) is a European regulatory requirement introduced under the Revised Payment Services Directive (PSD2). It mandates the use of multi-factor authentication (MFA) for electronic payments to enhance security and reduce fraud.
PSD2 was designed to create a more secure and competitive digital payment ecosystem within the EU. SCA is essential because:
SCA requires authentication using at least two of the following three factors:
This means one-time passwords (OTPs) sent via SMS are not sufficient on their own unless combined with another factor.
Yes, certain low-risk transactions may be exempt, such as:
Passkeys, based on WebAuthn and FIDO2, are an ideal SCA-compliant authentication method because:
SCA is a critical PSD2 security requirement that protects online transactions, reduces fraud, and enhances consumer trust. Passkeys offer a compliant, secure, and user-friendly alternative to traditional authentication methods, aligning with SCA’s security objectives.
Do you want to learn more?
Read full blog postEnjoyed this read?
🤝 Join our Passkeys Community
Share passkeys implementation tips and get support to free the world from passwords.
🚀 Subscribe to Substack
Get the latest news, strategies, and insights about passkeys sent straight to your inbox.
We provide UI components, SDKs and guides to help you add passkeys to your app in <1 hour
Start for free