What is SCA?
Strong Customer Authentication (SCA) is a European regulatory requirement meant to make online payments more secure and reduce fraud. SCA requires authentication to use at least two of the following three elements:
- Something the customer knows, such as a password or a PIN.
- Something the customer has, such as a phone.
- Something the customer is, such as a fingerprint or face recognition.
But I'm not in Europe! Does this still affect me?
While SCA may not affect you personally, it will affect some FormAssembly users. Also, you may not be located in Europe, but your customers might be, or they may have European credit cards that require SCA. Our Stripe integration takes advantage of Stripe’s SCA functionality.
How does this work?
Most SCA features happen behind the scenes. All existing and newly-added Stripe connectors are updated to be SCA-compliant and use additional authentication methods if required by the respondent's bank. Depending on the bank requirements, the form respondent may need to provide additional authentication information through a text, email, or push notification.
The most visible SCA feature is Stripe Aliases that incorporate Stripe's Payment Intents and Setup Intents. These aliases can be used in place of Charges and Subscriptions when sending SCA-compliant charge information to Salesforce.
Stripe Aliases
The SCA-compliant Stripe aliases must be used when sending SCA-compliant payment information to Salesforce. The aliases are as follows:
Stripe Subscription ID > Stripe Setup Intent ID
- Non-compliant Alias: STRIPE_SUBSCR_NN
- SCA-compliant Alias: STRIPE_SETUP_INTENT_NN
Learn more here.
Stripe Charge ID > Stripe Payment Intent ID
- Non-compliant Alias: STRIPE_CHARGE_NN
- SCA-compliant Alias: STRIPE_PAYMENT_INTENT_NN
Learn more here.
Stripe Payment Method ID
- This is an alias that did not exist previously
- SCA-compliant Alias: STRIPE_PAYMENT_METHOD_NN
Learn more here.
Stripe Customer ID
- This alias has remained the same
- STRIPE_CUSTOMER_NN