Knowledge Base

Knowledge Base/Billing/Billing information/Strong Customer Authe...

Topics
How will I know my card has been authenticated successfully?
What is EMV® 3-D Secure (3DS)?
How can I identify what the EMV® 3-D Secure (3DS) looks like when I am making purchases online?
What if my authentication fails or I receive an error message?
What if I did not receive an SMS/Text message with my one-time passcode?
What is the cost of the authentication SMS? Who pays this fee?
While staying abroad will I still receive an SMS for online authentication? Who will pay the fee for this?
What happens when my card expires?
What happens if I cancel my card and then get a new one with a different account number?
I would like to shop online but I don’t have my mobile phone on me or the battery is low. How can I verify my identity?
I use my debit/credit card to pay some bills online automatically every month. From now on, will I have to verify my identity every time I pay?
I regularly shop at a specific website. Will I have to verify my identity and payment every single time in the future?
My phone doesn’t have a fingerprint scanner, but does have a front camera. How can I verify my identity during mobile or contactless in-store payments?
Is SCA now the only reason why my card payment was declined?
Which countries will be enforcing PSD2 SCA?
Are other countries and banks outside of the *EU, **EEA, ***CTC adopting PSD2 and/or SCA?

Strong Customer Authentication (SCA) FAQ

YS
Yssel Salas, May 29, 2024

How will I know my card has been authenticated successfully?

You will receive an in-app notification in the case that a required payment authentication fails.


What is EMV® 3-D Secure (3DS)?

EMV 3DS is the new industry standard and protocol for retailers to send data to card Issuers during a so-called “card-not-present“ transaction to help address false declines and lower “card-not-present” fraud – while providing a better customer experience. EMV 3DS is relevant for all “card-not-present” purchases, including recurring and card-on-file payments.


How can I identify what the EMV® 3-D Secure (3DS) looks like when I am making purchases online?

The large Credit Card Schemes and Banks have their own EMV® 3-D Secure (3DS) products.

  • Mastercard’s is called: Mastercard® Identity Check™
  • Visa’s is called: VERIFIED by VISA
  • American Express is called: American Express SafeKey 2.0

What if my authentication fails or I receive an error message?

To authenticate a payment, a cardholder responds to a prompt from their bank and provides additional information. This may be something you know (e.g., PIN), something you use (e.g., card, phone), or something that’s part of what you are (e.g., your fingerprint).

If the payment authentication fails, you should contact the customer service number for your financial institution, which is typically found on the back of your card or on their website. Tell the customer service representative the message that you received.


What if I did not receive an SMS/Text message with my one-time passcode?

If your financial institution uses SMS/Text messages for authentications, you will need to contact the customer service number for your financial institution, which is typically found on the back of your card.


What is the cost of the authentication SMS? Who pays this fee?

The SMS fee and its bearer are determined by the issuer banks, just like in the case of regular notifications. Please check the terms and conditions of your bank with regards to this service.


While staying abroad will I still receive an SMS for online authentication? Who will pay the fee for this?

You will still receive SMS for online authentication while you are abroad. The SMS fee and its bearer are determined by the issuer banks, just like in the case of regular notifications.

Please check the terms and conditions of your bank with regards to this service.


What happens when my card expires?

You should receive a new card from your card issuer and they will usually automatically update this information in your profile.

However, it might be needed to update your card number/credentials on file, if you use this service with Pipedrive.


What happens if I cancel my card and then get a new one with a different account number?

Please speak to your card issuer with regards to the exact process which is also dependent on the services you use.

For example, you might need to register the new card for their authentication program or add your new card details to your wallet or update credentials on file with Pipedrive and other online merchants you use.


I would like to shop online but I don’t have my mobile phone on me or the battery is low. How can I verify my identity?

If your verification method of choice depends on the usage of your mobile phone, then you will be unable to execute the Strong Customer Authentication at that moment and the payment procedure will fail.


I use my debit/credit card to pay some bills online automatically every month. From now on, will I have to verify my identity every time I pay?

Recurring payments do not need to be verified every time, no matter if the amount is the same or if it varies. Only the first payment – when setting up the regular payments – will require SCA to verify your identity and confirm the payments.

You should also have an agreement between you and the retailer that specifies the reason for the payment and the payment amount (or an estimate when the precise amount is not known).


I regularly shop at a specific website. Will I have to verify my identity and payment every single time in the future?

It is up to the Issuer bank to decide whether to take advantage of the exemptions that PSD2 allows, e.g., offering cardholders to build an “allow-list” of trusted retailers where you do not always have to authenticate yourself.

They might also decide to add individual rules around what retailers or products and services qualify for an “allow-list“ or if only payments below a certain threshold do not require additional authentication at allow-list retailers.


My phone doesn’t have a fingerprint scanner, but does have a front camera. How can I verify my identity during mobile or contactless in-store payments?

In lieu of a fingerprint scanner, authentication of payments can be adjusted to other methods, such as screen lock, PIN code and face recognition or in-app authentication.

This depends on the settings of your wallet and bank.


Is SCA now the only reason why my card payment was declined?

It depends. When a debit/credit card is used for making an online payment, there are many parties involved in the payment process: Issuing bank, Switches, Processing Platform, Acquiring Bank and Merchant platform, card networks and the Cardholders themselves.

There could be several different reasons why a payment won’t go through.

  • Card or other details are entered incorrectly
  • Insufficient balance
  • Card expired or new card hasn’t been confirmed yet
  • Card issuing bank declined the transaction for security reasons
  • Card has been reported as lost/stolen or it has been put on fraud alert
  • Account with the merchant needs to be confirmed
  • User dropped, e.g., because of time out, wrong clicks/refreshing the page
  • Anti-virus, firewall software or connectivity/Wi-Fi issues
  • Authentication failures

Which countries will be enforcing PSD2 SCA?

*EU – European Union: Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Republic of Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Monaco, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain and Sweden

**EEA – European Economic Area: EU + Iceland, Liechtenstein and Norway.

***CTC – Contracted Transitional Countries: United Kingdom – 14-Sep-2021 and Switzerland – Date To be Determined

**** Note: France has delayed enforcement until 01-Apr-2021

Are other countries and banks outside of the *EU, **EEA, ***CTC adopting PSD2 and/or SCA?

PSD2 is a set of laws and regulations that applies to the *EU, **EEA, ***CTC only.

SCA using EMV® 3-D Secure is being adopted by Banks around the globe. However, this is at the discretion of the Bank Issuing the card and is not National or International law outside of *EU, **EEA, ***CTC.


If your question is not listed, we recommend that you contact the financial institution that issued your card as only they hold information specific to your account. Typically, there is a customer service number for your financial institution on the back of the card.

Learn about Customer Management Software

Was this article helpful?

Yes

No

Related articles

Got any questions?

Contact us