Strong Customer Authentication (SCA) allows for a few specific types of payments to be exempted from ongoing authentication requirements:

Fixed-amount subscriptions

This exemption means that only the first charge of a fixed-amount, fixed-interval subscription for your customer would need to go through 3D Secure. If the amount changes, or the charge occurs outside the normal interval (e.g. a proration or an upgrade) it will likely need to go through 3D Secure again.

Merchant-initiated transactions (including variable subscriptions)

This exemption would apply to delayed payments, variable amount subscriptions or bills for add-ons. In this flow, the first charge would go through 3D Secure. After that, you would be responsible for collecting a mandate which specifies that you are allowed to charge that specific customer up to a certain amount.

Industry requirements for how merchant-initiated transactions will work in practice are still being finalised. Stripe Billing will automatically apply this exemption and is working on our solution now. Sign up to be notified as soon as this use case is supported.

Additional information

• Stripe Billing requests these exemptions for your recurring subscriptions automatically. The cardholder's bank will ultimately decide whether to approve the exemption or whether authentication is still necessary. If the exemption is rejected, Stripe will re-issue the authentication request to your customer automatically.

• Exemptions guide (Stripe Docs)

• Stripe Billing implementation guide for new integrations (Stripe Docs)

• Billing migration guide for existing integrations (Stripe Docs)