Products

Service

Online payments

Drive sales across desktops, smartphones and in-app.

Payment gateway

Safe and secure payment gateway.

Full stack payments

All-in-one payment solution with payment gateway and acquiring.

Products

Payment Links

Accept payments using a secure online link.

Fraud prevention

Detect and prevent fraudulent activity.

Authentication

Provide secure and seamless customer authentication.

Featured news

Understanding Incremental Authorisation in payments
Read more
Best practices for implementing 3DS2: Keeping your online payments secure
Read more
See all articles
Solutions

Industries

Mobility

Drive growth with our all-in-one payment solution.

Hospitality

Delight your customers with quick and simple checkouts.

Consumer finance

Seamlessly integrate payments into your finance business.

Healthcare

Flexible, secure payments for clinics, pharmacies & care providers.

Stage

SME

Seamless payment solutions for small and medium businesses.

Featured content

How Apple Wallet is transforming the hospitality experience.
Read more
7 steps for making your small business greener.
Read more
See all articles
About

About

We are the leading mobile payments solution. A part of Fabrick's open finance ecosystem, we provide flexible, secure and innovative payments for a range of different business.

Company

About

Learn more about Judopay.

Customer stories

Discover how we work with our clients.

Careers

Join the team.

Featured news

An interview with KFC

Digital transformation is coming.

Read more
Case study: Remitec

A proactive partnership to support strategic growth.

Read more
See all articles
Developer

Documentation

Developer Docs

Start your payment integration.

Quick Start

Quickly integrate and perform a test payment.

API Reference

Details on all available endpoints.

Sandbox Account

Sign up for an account to process test transactions.

Resources

Video Tutorials

Step-by-step tutorials.

Changelog

Latest updates to our Transaction API.

Status Page

The status of all of our services.

Support Centre

Help & support for Judopay customers.

Developer hub

Payment Services Directive 3 - An Evolution: not a Revolution...
Read more
Creating a data analytics powerhouse.
Read more
PartnersPricingBlog
SupportLoginGet in touch

Strong Customer Authentication

Getting ready for Strong Customer Authentication.

What's that?

Back in October 2015 the European Parliament passed some legislation known as Payment Services Directive 2 (or PSD2 for short). This directive has since been incorporated into each European Union nation state's own legislative framework so whatever happens with Brexit it will apply to the UK as well as the other markets.

PSD2 has meant a number of changes for the payments industry, but one specific area is what’s known as Strong Customer Authentication (or SCA for short).

SCA is a new regulatory requirement to reduce fraud and make online card payments more secure, by having more “authentication” built into the checkout flow.

The requirement is to have payments authenticated as genuine using at least two of the following three data points :

  • Something the customer knows (e.g. their password or PIN)
  • Something the customer has (e.g. the phone or hardware token they are using)
  • Something the customer is (e.g. their fingerprint or face recognition)

The regulatory requirement is to have these new processes in place for 14 September 2019, and from this date banks will decline payments that require SCA but don’t meet these criteria.

‍

Strong customer authentication

‍

So what transactions require SCA and how will it benefit your business?

SCA applies to “customer-initiated” online payments within Europe. Any payment made by customers online. So most card payments will require SCA, although there are some exemptions.

Today, the most common way of authenticating an online card payments relies on 3D Secure (3DS) – the authentication standard developed by Visa and Mastercard and supported by the vast majority of European cards. This typically adds an extra step after the checkout where the cardholder is prompted to provide additional information to complete a payment (e.g. a one-time code sent to their phone or letters from their password to login to their online banking).

To meet the requirements of SCA, the major payment schemes are rolling out 3D Secure 2.0 during the course of this year. Whilst the original version of 3DS was fairly clunky, this new version introduces a better user experience that will help to minimise the friction that authentication adds into the checkout flow.

Visa reports that merchants using 3DS 2.0 will experience a 70% decrease in cart abandonment, and an 85% reduction in transaction time.

3DS 2.0 also gives merchants another anti-fraud tool as it’s designed to better authenticate valid transactions and deny fraudulent transactions. Additionally, it shifts the liability for fraudulent transactions from the merchant to the issuing bank.

Of course, as well as Visa and Mastercard’s 3DS solutions, there are other payment methods such as Apple Pay or Google Pay which Judopay facilitates – that already meet the new SCA requirements in a smooth and frictionless way.

‍

‍

What are we doing at Judopay to help you prepare for SCA?

The changes introduced by this new regulation are set to deeply affect internet commerce in Europe. Businesses that don’t prepare could see their conversion rates significantly drop after the enforcement of SCA begins on 14 September 2019.

In addition to supporting new authentication methods like 3DS 2.0 we believe successful handling of exemptions will become a key component for building a first-class payments experience that minimises friction.

Judopay is making the required changes to ensure our solutions are SCA compliant, including updating our mobile SDKs and creating a Javascript to be added to web pages to send the additional information for web payments.

This helps to make the transition as seamless as possible for our merchants, and if you already use 3DS the update to 2.0 will be straightforward.

However, note that if you don’t currently use 3DS, some development work will be required by you before the September deadline, so please factor this into your plans for the next few months.

We will be working closely with our merchants and partners over the coming months to ensure we are all ready for the deadline, and will provide further detail on development specifics soon.

‍

Exemptions

Under the new regulation, specific types of low-risk payments may be exempted. The most relevant exemptions are :

  • Low Risk Transactions – where real-time risk analysis determines whether to apply SCA to a transaction.
  • Payments below €30 – an exemption that can be used for payment of a low amount.
  • Fixed amount subscriptions – this exemption can apply when the customer makes a series of recurring payments for the same amount, to the same business.
  • Merchant initiated transactions – although requirements for how merchant-initiated transactions will work in practice are still being finalised, payments made with saved cards when the customer is not present in the checkout flow may fall outside the scope of SCA.
  • Trusted beneficiaries – where a customer registers or whitelists a business they trust to avoid having to authenticate future purchases.
  • Sales over the phone (MOTO) – card details collected over the phone fall outside the scope of SCA and do not require authentication.
  • Corporate card payments – payments that are made with a corporate card (e.g. for employee travel expenses) and held directly with an online travel agent, as well as virtual card number corporate payments are also exempt.

‍

While exemptions will be very useful, it is the cardholder’s issuer that will decide whether or not to accept an exemption. Issuers will return new decline codes for payments that failed due to missing authentication, and these payments will then have to be resubmitted to the customer with an SCA request.

Recent posts.

Product

Mobility taxi image for payments

Understanding Incremental Authorisation in payments

Read morePurple background blob

Insights

Judopay and Mobo2Go case study imageTeal background blob

‍7 steps for making your small business greener

Read more

Insights

Strong Customer AuthenticationPink background blob

Take your business to the next level with our payment tips.

Read more
Trustpilot

Company

AboutCareersBecome a partnerGet in touch

Products

Online paymentsMobile paymentsPayment linksGateway onlyFraud protection

Solutions

MobilityHospitalityConsumer financeHealthcare

Resources

BlogDocumentationSupport CentrePress & MediaStatus pageLegal hub
© Judopay 2025.
Service AgreementTerms & conditionsCookie policyPrivacy policyCertificates
Alternative Payments Limited (Company Number 07959933) t/a Judopay is wholly owned by Fabrick S.p.A., part of the Banca Sella Group.