New SCA Guidance Published
The Programme Management Office for Strong Customer Authentication (SCA) have published a comprehensive new SCA Guidance Document (log-in to download).
All players in e-commerce are encouraged to review this guidance which replaces an earlier version published in October 2018. The document reflects changes/updates in the last two years and will assist industry in implementing the requirements of SCA.
The guidance seeks to provide a uniform and consistent approach to be applied to SCA across the payments industry. Whilst not legally binding, the guidance provides a welcome layer of granularity for the industry. The guidance is not sector specific, but seeks to provide clarity and guidance on the most common issues which have arisen.
The SCA Programme Management Office expects to update this guidance to include additional sections, for example, dealing in detail with GDPR considerations of behavioural biometrics and implementation of the Article 18, transaction risk analysis (TRA) exemption, as discussion on these topics concludes.
Also available here is an FAQ document for Issuers (log-in to download) which may include information that members find useful on issuer plans for SCA implementation and ramp up.
SCA implementation is now required by the revised date of 14 September 2021, however retailers that have not already begun to prepare and have not discussed SCA with their gateway or card acquirer should do so immediately.