What do I need to do about Strong Customer Authentication?

If you have a WooCommerce store which uses the Stripe integration, you might have received a message like this one recently:

“New tools in the Dashboard to prepare for SCA”

Hello,

Last month, we wrote to tell you about Strong Customer Authentication (SCA), a new European regulatory requirement that will require two-factor authentication on many online payments beginning 14 September 2019. You’ll need to make updates to your Stripe integration to prepare for these changes.

We’ve created tools in the Stripe Dashboard to help you understand how SCA will impact your business and what integration changes will be required. We recommend that you review this information and start planning for these changes soon to be ready for SCA.

If you have any questions, please let us know.

Thanks,

The Stripe team

Why is this happening right now?

SCA is part of the provisions of PSD2 – you can read more about the rule changes here.

WooCommerce explains the changes thus:

“SCA allows for three different authentication methods — something the customer knows, something the customer has, and something the customer is. To succeed, a transaction has to use two of the three…

“…Most payment gateways will use 3D Secure 2 – an update to the 3D Secure system – as their main method of complying with SCA. During checkout, the payment gateway will prompt the customer to provide the additional authentication elements, and the order will only be completed once they do that successfully.

“Some payment methods, like Apple Pay, already incorporate these elements and should be unaffected by SCA.”

So what’s that? What do I need to do?

Nothing. If you’re a WooCommerce store admin using the official WooCommerce Stripe extension, at version 4.2.0 or above, it’s already covered:

That’s it – right there, the official Stripe extension for WooCommerce is SCA ready. Keep your extension up to date, and the changes will be incorporated without any further action.

Get the official Stripe extension for WooCommerce

Do I stop there?

There’s no reason to stop finding new ways to combat fraud. Try activating Radar from within Stripe and toggling the fraud protection rules or book Silicon Dales to do this for you.

It’s also essential to keep your WooCommerce site, plugins and server up to date, or book specialists such as Silicon Dales to test and update your website on a regular schedule.

Leave a comment

No links of any kind allowed in comments - if you add any links, your comment will automatically be deleted.