Difference between revisions of "Strong Customer Authentication"

From Beds24 Wiki
Jump to navigation Jump to search
(Created page with "Category:Payments <div class="heading"> Strong Customer Authentication (SCA) </div> __TOC__ = What is SCA? = SCA (strong customer authentication) is a new European requ...")
 
Line 5: Line 5:
 
__TOC__
 
__TOC__
 
= What is SCA? =
 
= What is SCA? =
SCA (strong customer authentication) is a new European requirement created to make online payments more secure.  SCA is based on the use of two or more of the following elements - categorized as knowledge, ownership and inherence:
+
SCA (strong customer authentication) is a new European requirement created to make online payments more secure.  SCA is based on the use of two or more of the following elements - categorized as knowledge, ownership and inherent:
 
   
 
   
 
- Something only the user knows (e.g. password, code, personal identification number).  
 
- Something only the user knows (e.g. password, code, personal identification number).  
  
- Something that only the user owns (e.g., token, smart card, cell phone).  
+
- Something that only the user owns (e.g. token, smart card, cell phone).  
  
- Something that the user is (e.g., biometric, such as a fingerprint).
+
- Something that the user is (e.g. biometric, such as a fingerprint).
  
 
This regulation applies to all EU-based companies that charge credit cards issued in the EU.  
 
This regulation applies to all EU-based companies that charge credit cards issued in the EU.  

Revision as of 11:15, 12 January 2021


Strong Customer Authentication (SCA)

1 What is SCA?

SCA (strong customer authentication) is a new European requirement created to make online payments more secure. SCA is based on the use of two or more of the following elements - categorized as knowledge, ownership and inherent:

- Something only the user knows (e.g. password, code, personal identification number).

- Something that only the user owns (e.g. token, smart card, cell phone).

- Something that the user is (e.g. biometric, such as a fingerprint).

This regulation applies to all EU-based companies that charge credit cards issued in the EU. Companies outside the EU and cards from countries other than the EU are not affected.

2 Bookings OTAs

Collecting a credit card number without SCA will no longer be a reliable means of security as the card holders bank will likely reject the transaction. Many OTAs including Booking.com and Expedia can collect guest payments at the time of booking (channel collect) with SCA. The OTA will then distribute the funds to you by bank transfer or virtual credit card so you avoid the need to deal with SCA and declined transactions. Beds24 can automatically process the virtual cards on the day the funds become available at Stripe and deposit them directly to your account. If you require security or prepayment but do not want the OTA to collect payment, you can accept bookings without card or deposit from the OTA and send a payment request to the guest from Beds24 manually or using auto actions.

3 Direct bookings

You can collect a card payment with the booking using SCA. If you require additional payments from EU guests you will need to send a payment request so the guest can complete the SCA again.

4 Payment Gateways

Paypal and Realex will are taking care of the required functionality from their end.

If you enable ‘Strong Customer Authentication’ for Stripe in (SETTINGS) > PAYMENTS > PAYMENT GATEWAYS > STRIPE , it enables SCA authentication for Stripe booking page payments and payment requests sent to guests.

5 Payment requests

Payment requests sent to the guest after booking are an alternative to collecting a card from an OTA as security. Information on how to set up payment requests is available here

You can find more information about SCA on our blog: https://blog.beds24.com/secure-psd2-compliant-payment-collection/