Strong Customer Authentication (also known as SCA) fulfills a set of regulatory requirements, designed to reduce fraud, making online payments more secure while establishing trust with consumers. SCA adds an extra layer of security by using a third party like a bank to verify the end-customer prior or during an online payment. Riverty currently offers this functionality in Sweden, Norway, Denmark, Finland, and the Netherlands.
SCA is used for risk handling (consumer ratings and fraud risk). For Norway and Sweden SCA is almost always mandatory as it is a key element of fraud prevention and it is a known process for online shoppers. In Sweden SCA is used by 98% of the population between 18-67 years of age.
Country | Sweden | Norway | Finland | Denmark | Netherlands | DACH |
---|---|---|---|---|---|---|
Name of eID method | BankID (SE) | BankID (NO) | FTN (Finnish Trust Network) | MitID (replaces NemID) | iDIN | One Time Password (SMS/Email) |
Required field(s) | Identification number | Identification number | Identification number | Identification number | Date of birth, first name, last name | Phone Number, Email Address |
Country specific restrictions | Only for customers using the following banks: ABN AMRO, ASN Bank, Bunq, ING, Rabobank, RegioBank, SNS. More info: https://www.idin.nl/en/can-i-use-idin/ | |||||
Country specific testcases | The last name has to be Vries and date of birth has to be 1975-07-25 |
The SCA implementation uses a redirect flow which requires the end-customer to be redirected to the secure login URL that was provided by Riverty API during the Authorize Payment or Verify request. The end-customer will be presented with a page with further instructions. After the verification process is completed the end-customer is redirected back to merchant’s web page.
Riverty will decide for which orders and customers SCA will be triggered. This decision is based on a number of parameters, such as order amount, shipping address and other fraud and risk related variables.