What is strong authentication (SCA)

From January 1, 2021, all online purchases must apply the reinforced authentication protocol, the first big step to end the coordinate cards and improve security in the purchases we make online. Surely your bank has been sending you messages about this activation for a few months , since in many cases you will have to go through their application to be able to approve the payment.

We are going to explain everything about SCA (Strong Consumer Authentication or strong authentication), a mandatory authentication procedure starting this year that tries to verify the identity of customers using between two and three factors .


The mega guide to mobile payments (2020): what services are available in Spain and which banks are compatible with

SCA or Strong Authentication, a new security protocol.

SCA (Strong Consumer Authentication or strong authentication) is a reinforced security standard that allows us to confirm our identity through different factors. The purpose is to verify the authenticity of the customer with these key points.

  • Something the customer knows: a password or a PIN
  • Something the customer has: a mobile phone to send an SMS to or a banking app
  • Something that identifies you: fingerprint or facial recognition

The methods to authenticate the user will depend on the implementation made by the bank itself.

Each bank will be the one that defines the steps necessary to make the transaction online, having to choose at least two of the three factors mentioned. In banks such as ImaginBank or BBVA, we will be asked to open the application to authorize the payment . Since January 1, 2021, it is mandatory for all online purchases , although there are exceptions reflected in the rule, such as low-value purchases, purchases in businesses identified by the client as trusted sites, contactless payments , etc.

Sorry, the video player failed to load.(Error Code: 101104)

Where does this come from? In 2007 the European Union published the PSD (Payment Services Directive) directive with the aim of regulating the electronic payments market in the euro zone . In 2013, the EU began the revision of this standard to end up approving in 2015 a major evolution in it, the PSD2 regulation .

With this new regulation, the SCA was introduced as a two-step authentication method to verify the identity of the user. If you make online payments and your bank application asks you to open it to authenticate , you already know that it is due to this new security standard with different factors.


by Abdullah Sam
I’m a teacher, researcher and writer. I write about study subjects to improve the learning of college and university students. I write top Quality study notes Mostly, Tech, Games, Education, And Solutions/Tips and Tricks. I am a person who helps students to acquire knowledge, competence or virtue.

Leave a Comment