As of September 14th, 2019, new authentication requirements are being introduced for European online payments as part of the second Payments Services Directive (PSD2).
Payments where both the business and the customer's bank are located in the European Economic Area (EEA) need to meet the new Strong Customer Authentication (SCA) requirements.
The deadline being imposed by the European Economic Area / UK is March 14th, 2022.
For more general information, please visit Stripe's article on Strong Customer Authentication.
Alert
If you have Bold Subscriptions integrated with Bold Checkout, please visit Strong Customer Authentication (SCA) for Subscriptions and Bold Checkout
Strong Customer Authentication must be used for transactions that involve money that's moving between bank accounts located within the European Economic Area.
Strong Customer Authentication regulations apply to your business if the following criteria is met:
- Your business uses a bank account in the European Economic Area.
Note: This includes all countries within the European Union plus Norway, Iceland and Liechtenstein.
- You sell to customers with bank accounts located in the European Economic Area.
- You accept payments from credit or debit cards.
- You are using Braintree, Stripe, or PayPal Commerce Platform as your payment gateway.
Note: If you are using a payment gateway that Bold does not support, it's advised that you confirm this payment gateway will support you. We otherwise recommend considering migrating to an officially supported payment gateway.
Merchants affected by SCA regulations will experience the following:
- Transactions that customers neglect to authorize will fail and be retried.
- Some transactions may experience longer processing times as customers will need to manually authorize their payments by completing the authorization challenge.
Note: Transactions that have been authorized will continue to process as expected.
Merchants that meet all of the eligibility criteria will now need to contact their payment gateway (Stripe, Braintree, or PayPal Commerce Platform) to ensure that their SCA / 3DS2 is properly configured.
If you are not currently using Stripe, Braintre or PayPal Commerce Platform as your primary payment gateway in Bold Checkout, please follow the steps in Connect a Payment Processor to Bold Checkout to connect to a supported payment gateway.
FAQs
-
Austria = AT
-
Belgium = BE
-
Bulgaria = BG
-
Croatia = HR
-
Cyprus = CY
-
Czech Republic = CZ
-
Denmark = DK
-
Estonia = EE
-
Finland = FI
-
France = FR
-
Germany = DE
-
Greece = GR
-
Hungary = HU
-
Iceland = IS
-
Ireland = IE
-
Italy = IT
-
Latvia = LV
-
Liechtenstein = LI
-
Lithuania = LT
-
Luxembourg = LU
-
Malta = MT
-
Netherlands = NL
-
Norway = NO
-
Poland = PL
-
Portugal = PT
-
Romania = RO
-
Slovakia = SK
-
Slovenia = SI
-
Spain = ES
-
Sweden = SE
-
Switzerland = CH *
-
United Kingdom = GB **
* Though the UK may not be a part of the EEA in the future, they intend to implement or follow SCA regulation.
** Although Switzerland is outside of the European Economic Area (EEA), Swiss merchants will need to meet SCA requirements because Stripe’s acquiring bank for Swiss merchants is located in the UK.
Europe
If you are a European business who is located within the European Economic Area (EEA) and charges customers cards that were issued within the EEA, you are required to comply with SCA.
Please visit Businesses affected by Strong Customer Authentication (SCA) regulations for more information.
UK
Please visit Businesses affected by Strong Customer Authentication (SCA) regulations for more information.
US and Other Countries
Businesses located outside of the European Economic Area (EEA) are considered outside of the scope and should experience minimal impact of SCA.
Transactions processed by businesses outside of the EEA are considered a one-leg transaction and are therefore not subject to SCA rules.
Please visit Businesses affected by Strong Customer Authentication (SCA) regulations for more information.