What is SCA?
Strong Customer Authentication (SCA) is a new European regulatory requirement which is meant to make online payments more secure and reduce fraud. SCA requires authentication to use at least two of the following three elements:
- Something the customer knows, such as a password or a PIN.
- Something the customer has, such as a phone.
- Something the customer is, such as a fingerprint or face recognition.
But I'm not in Europe! Does this still affect me?
While SCA may not affect you personally, it will affect a number of FormAssembly users. Because of this, we will be making updates to our Stripe integration in order to take advantage of Stripe’s new SCA functionality. This move is recommended by Stripe and puts us in a position to take advantage of new functionality in the future as well!
What will be changing?
Most of the necessary changes will be happening behind the scenes. For example, we'll be using Stripe's latest Payment Intents and Setup Intents rather than the previous Charges and Subscriptions. However, you'll still be able to collect one-time and recurring payments as you did previously.
The most visible change will be within the Stripe Aliases. You will now have access to the new aliases for Stripe! While these updates occur, your current configuration should not incur any issues. However, you will need to change all of your old aliases and republish any forms which have been published with the copy/paste (embedding the form's HTML) method in order to take advantage of the update.
What do I need to do?
You should have received an initial email from our team which included a list of Form IDs that require updates. If you are here after receiving your initial email, no changes need to be made at this time. You will receive a second email announcing that SCA Compliance is live. Once you receive the second email, please follow these steps:
Refresh Your Connector Aliases
Before you can access your new aliases, you’ll need to go into the Stripe Connector page on each of your forms by clicking to “Configure” the connector:
Or by clicking the “Connectors” button on the left-side menu of your Form Builder:
Next, save your connector to refresh the aliases. You do not need to make any changes in the connector first. This will cause the connector aliases to refresh, and will make them available in all of your various formula editors. It will also create the new hidden Stripe fields automatically in your form. These will include a new Customer ID field, Payment Method, Payment Intent, and Setup Intent.
Finally, you can delete your old hidden Stripe fields (Customer ID, Subscription ID, Charge ID).
Update Your Stripe Aliases
If you are using Stripe aliases anywhere in your forms, you'll need to update them to the latest format. This does include Stripe aliases used in Salesforce connectors. The newly available aliases are as follows:
Stripe Subscription ID
- Old Alias: STRIPE_SUBSCR_NN
- New Alias: STRIPE_SETUP_INTENT_NN
Stripe Charge ID
- Old Alias: STRIPE_CHARGE_NN
- New Alias: STRIPE_PAYMENT_INTENT_NN
Stripe Payment Method ID
- This is a new alias which did not exist previously
- New Alias: STRIPE_PAYMENT_METHOD_NN
Stripe Customer ID
- This alias has remained the same
Please Note: To use the Payment Intent field you must connect to Stripe using OAuth authentication in your connector. You cannot use the Payment Intent field if you are using Stripe secret keys to authenticate your connector.
Republish Your Forms
If you are using the copy/paste publishing method (embedding form HTML in your site), then we recommend republishing your forms after the SCA Compliance release in order to implement the updates.