If you do business within the European Economic Area, then you need to be aware of the new "Strong Customer Authentication" (aka "SCA") regulations that are going into effect on September 14th, 2019.
For a full breakdown of what SCA is, and how it effects buying and selling online within the EU, check out this article from Stripe. But the quick version is any eCommerce transactions that originate from within the EU and go to another EU country (France customer buys a hat from a German eCommerce website) is required to do two factor authentication during the transaction.
This update is incredibly important for anyone selling in the EU. Any transactions that cannot support two factor authentication after September 14th could result in a lost sale. This is also the case for recurring subscription charges! If you are processing sales on a platform that cannot handle these new SCA regulations, your sales will suffer.
Thankfully, SamCart has you covered! We have been working to ensure that all SamCart transactions are fully compliant with these new regulations.
SamCart Sellers do not need to do anything. We will do all the work behind the scenes to make sure you are fully compliant, and your sales can continue uninterrupted.
Stay tuned for more information as we continue forward with our SCA progress. Below are some FAQs for you about this topic.
What is Strong Customer Authentication (SCA)?
Strong Customer Authentication (SCA), a new rule coming into effect on September 14, 2019, as part of PSD2 regulation in Europe, will require changes to how your European customers authenticate online payments. Card payments will require a different user experience, namely 3D Secure, in order to meet SCA requirements. Transactions that don’t follow the new authentication guidelines may be declined by your customers’ banks.
Who is affected by SCA?
Your business is based in the European Economic Area (EEA) or you create payments on behalf of connected accounts based in the EEA or you serve customers in the EEA. If you are based outside the EEA or your customer base is outside of this area - then you should be unaffected by the SCA regulations.
Will SamCart be SCA complaint?
SamCart will be fully SCA compliant by September 14th. No additional work or steps are needed by our affected customers.
How will things change for my EU customers?
If your customer is in the EEA and you are a SCA qualified business when they go to make a purchase an additional step will be prompted for them to authenticate their purchase. For subscriptions, Strong Customer Authentication (SCA) requires an additional step of customer authentication. Even if they authenticated in the past, SCA may require your customer to come back online and re-authenticate. We will first try to make a subscription charge. If your customer's bank requires re-authentication we will send that customer an email on your behalf prompting them to re-authenticate. Additionally, in the SamCart dashboard you will be able to see customers whose subscriptions failed because they failed to re-authenticate.
What happens to my existing subscriptions?
Strong Customer Authentication (SCA) requires an additional step of customer authentication. Even if they authenticated in the past, SCA may require your customer to come back online and re-authenticate. Subscriptions / cards created before September 14, 2019, are eligible for SCA grandfathering. Grandfathering means the charges can proceed normally—without re-authentication from customers.
What if I use third party solutions outside of SamCart?
If you use a third-party plugin, platform, or extension partner outside of SamCart to collect payments, contact your partner to see what (if any) work you will need to do to get ready for SCA.