Businesses affected by Strong Customer Authentication (SCA) regulations

Europe

All European Economic Area (EEA)-based businesses charging cards online that were also issued in the EEA are required to comply with SCA and could see increased declines if their Stripe checkout process does not include an authentication step as required by SCA rules, which is available via Stripe Checkout or the Payment Intents API.

UK

The UK Financial Conduct Authority (FCA) has released guidance that in the event of a no-deal Brexit, SCA enforcement will be implemented as planned. See our Q&A on Strong Customer Authentication (SCA) enforcement date for the most current details on timing.

US and Other Countries

Businesses based outside the EEA are considered out of scope of and should see minimal impact due to SCA. Transactions generated from businesses outside of the EEA are considered a one-leg transactions and therefore not subject to SCA rules.

Additional Information