WayMore.io Automation Platform

An introduction to strong customer authentication

Customer Authentication
As online payment frauds increase the need for stronger authentication is something both businesses and consumers should demand.
minute read
Customer Authentication

Many people fret over security in online transactions. It’s nothing to fret about. On the contrary, as online payment frauds increase the need for stronger authentication is something both businesses and consumers should demand.

Between 2011-2016 in Europe, the European Central Bank (ECB) has recorded a 66% increase in online payment fraud. Today, online fraud makes up 73% of fraud in Europe and this is steadily rising.

The European Union has been actively engaged in enhancing the safety of all checkout flows for both customers and businesses in the region.

To this end, three years ago, on 14 September 2019, the new Strong Customer Authentication (SCA) requirement for payments came into force, to reduce fraud and make online transactions more secure across the entire European Economic Area.

A lot of businesses have already complied with the regulation, some are on their way (like in the UK where SCA comes into force in September 2021), and some are still thinking about it. So, let’s see what this all means for your business.

What is strong customer authentication?

Strong customer authentication (SCA) is the new requirement under the Payment Services Directive (PSD2) intended to further protect consumers, enhance the security of payments and limit fraud. The directive requires that all electronic payments are made using multi-factor authentication, in order to confirm cardholder identity and increase transaction security.

To that end, all “customer-initiated” online payments and contactless offline payments within Europe, are required to adhere to the Strong Customer Authentication directive. That means that most card payments and all bank transfers require SCA. However, recurring direct debits are considered “merchant-initiated” and don’t require strong authentication.

Therefore, a number of companies that fall under the above criteria and do business in the European Economic Area have been obliged to build an additional authentication process into their checkout flow.

According to the directive payment service providers have to use strong customer authentication when a payer:

a. accesses their payment account online
b. commences an electronic payment transaction
c. completes any action through a remote channel which can lead to a potential payment fraud or other abuse.

Εlements of Strong Customer Authentication

The new directive sets specific requirements for authenticating online payments within the European Economic Area. Every time a customer performs an electronic transaction, strong customer authentication is made available using a multi-factor authentication process. If the authentication sequence matches two out of three distinct requirements, the payment is considered successful. If not, then the transaction is rejected.

These three requirements are as follows:

  • Knowledge – something only the customer knows, like a PIN or a password. 
  • Possession – something only the customer has, like a mobile device or a smart card. 
  • Inherence – something only the customer is, like a fingerprint or facial scan.

Concerns and Benefits of SCA

With SCA regulations placing a burden on businesses, many are concerned about preparing the technical requirements and facing the consequences of the changes in terms of customer experience.

In terms of the technical requirements, one of the main concerns businesses have had is regarding the incorporation of things like biometric authentication into the payment cycle. In terms of customer experience, businesses have feared that any friction added to the customer experience could result in cart abandonment, impacting sales, revenues, and customer retention.

According to statistics 26% of shoppers have abandoned their cart mid-purchase because the checkout process was too long or complicated, and 57% of shoppers will abandon a website if they experience a delay in loading time (3 seconds or longer). It is therefore understandable that many companies were nervous about increasing the complexity and impacting the speed of the checkout process, even in the interest of improving security.

Yet, the benefits of adopting SCA seem to have outweighed the concerns.

Innovation and Customer Acquisition

With a simple SCA process, the customer can be taken from being interested in your service or products to completing a payment in only a few minutes, shortening in this way the sales funnel. Using new services becomes easier – such as top-up and pre-paid credit cards, special offers, and more – as all these services require SCA to be set-up and used.

Increase in consumer security

For the consumers, SCA provides the necessary reassurance, establishing trust, while for society, SCA is a key tool to combat money laundering, human trafficking and terrorism by making access to money more difficult for illegal uses. Additionally, SCA is an equalizer and it can enable everyone with a mobile phone, access to money and accounts, while governments and banks can efficiently handle benefit disbursements and basic bank accounts to manage the funds.

Emphasis in market-wide compliance

SCA is a core element of compliance and ensures an equal playing field for all players in the payment market,as SCA mechanisms must be made available by all. Of course, compliance is just the beginning, as any SCA solution also needs to be improved in order to deliver a pleasant user experience.


When it comes to biometric technology, there is also the added benefit of convenience. Unlocking a device by fingerprint or face scan is quick and does not require the entry of numbers or letters, reducing the probability of last-minute purchase cancellations, when the customer is confronted with impractical passwords. It doesn’t come as a surprise that conversion rates increase with biometrics.

How can WayMore help with Strong Customer Authentication?

As the above suggests, there is a delicate balance between security and a seamless customer journey. Yet, the benefits are overwhelming. It is clear that through SCA you can be sure that customers are provided a modern, high-quality, user-friendly experience, when they expect it and where they expect it. And creating a seamless ecommerce and banking experience that has the power to forge brand loyalty and trust, helping to drive conversions.

Create a seamless ecommerce and banking experience that has the power to forge brand loyalty and trust. WayMore can help your online business carry out the authentication requirements using advanced Multi-Factor Authentication for both your European and global campaigns.

WayMore can help your online business carry out the authentication requirements using advanced MFA for both your European and global campaigns.

As a next-gen cloud-based solution, WayMore seamlessly integrates with your existing security systems, providing a simple, user-friendly streamlined login experience for every user and every application.