Docs
APIs & SDKs
|
Sign in →
Businesses affected by Strong Customer Authentication (SCA) regulations
Strong Customer Authentication

Europe

All European Economic Area (EEA)-based businesses charging cards online that were also issued in the EEA are required to comply with SCA and could see increased declines if their Stripe checkout process does not include an authentication step as required by SCA rules, which is available via Stripe Checkout or the Payment Intents API.

UK

The UK Financial Conduct Authority (FCA) has released guidance that in the event of a no-deal Brexit, SCA enforcement will be implemented as planned. See our Q&A on Strong Customer Authentication (SCA) enforcement date for the most current details on timing.

US and Other Countries

Businesses based outside the EEA are considered out of scope of and should see minimal impact due to SCA. Transactions generated from businesses outside of the EEA are considered a one-leg transactions and therefore not subject to SCA rules.

  • Some European card issuers might choose to decline one-leg transactions, but based on recent discussions with banks in Europe, we expect that this will be uncommon.

  • If you are concerned about declines on one-leg transactions, you can consider integrating Stripe Checkout or the Payment Intents API to prepare. If you are using 3D Secure (3DS) on Sources, you can update your logic to require authentication for EU-based cardholders.

  • While requiring an authentication step can potentially introduce friction that might end in incomplete/lost sales, if you upgrade to Stripe Checkout or the Payment Intents API, you can take advantage of 3D Secure 2 which introduces frictionless authentication that is not available/possible with 3D Secure using Sources.

Additional Information

Did this answer your question?
Related articles
Migrating to Stripe Billing’s Strong Customer Authentication (SCA)-compliant flow
If your Stripe account is based in the European Economic Area (EEA) and you currently use Stripe Billing, we strongly recommend upgrading your…
Billing
·
Migration
·
Strong Customer Authentication
Countries in the European Economic Area (EEA) impacted by Strong Customer Authentication (SCA) regulation
As of 2020-08-17, the following countries are considered part of the European Economic Area (EEA) and in scope of Strong Customer Authentication (SCA…
Strong Customer Authentication
Strong Customer Authentication for destination charges created by a non-European Economic Area platform for EEA-based connected accounts with EEA-based customers
If your platform uses destination charges and is is not in the European Economic Area (EEA), but your connected account(s) and their end customers are…
Connect (Platform)
·
Strong Customer Authentication
Popular topics
1099
Account
Atlas
Billing
Connect
Disputes
Getting started
Invoice
Payments
Payouts
Privacy
Refunds
Taxes
Third-party integrations
Verification
Popular topics
1099
Account
Atlas
Billing
Connect
Disputes
Getting started
Invoice
Payments
Payouts
Privacy
Refunds
Taxes
Third-party integrations
Verification
What is Stripe?
Learn more about Stripe and our products.
Stripe docs
Get familiar with the Stripe products and their features.
Contact Sales
Talk to our team for questions about Stripe capabilities and pricing.
API reference
Explore complete reference documentation for the Stripe API.
Developer chat on Discord
Chat live with other developers on the official Stripe Discord.
© Stripe