As of 2020-08-17, the following countries are considered part of the European Economic Area (EEA) and in scope of Strong Customer Authentication (SCA) regulation:

• Austria = AT

• Belgium = BE

• Bulgaria = BG

• Croatia = HR

• Cyprus = CY

• Czech Republic = CZ

• Denmark = DK

• Estonia = EE

• Finland = FI

• France = FR

• Germany = DE

• Gibraltar = GI

• Greece = GR

• Hungary = HU

• Iceland = IS

• Ireland = IE

• Italy = IT

• Latvia = LV

• Liechtenstein = LI

• Lithuania = LT

• Luxembourg = LU

• Malta = MT

• Netherlands = NL

• Norway = NO

• Poland = PL

• Portugal = PT

• Romania = RO

• Slovakia = SK

• Slovenia = SI

• Spain = ES

• Sweden = SE

• Switzerland = CH*

• United Kingdom = GB*

*see Additional Information below

Additional Information

• Though the UK may not be a part of the EEA in the future, they intend to implement or follow SCA regulation.

• Although Switzerland is outside of the European Economic Area (EEA), Swiss merchants will need to meet SCA requirements because Stripe’s acquiring bank for Swiss merchants is located in the UK.

• Strong Customer Authentication (SCA) Enforcement Date