Strong Customer Authentication in Commerce and SimpleCart
Very soon, on September 14, the Revised Payment Services Directive (PSD2) comes into effect in the European Union, bringing with it new requirements for securing online payments under the name Strong Customer Authentication (SCA).
SCA requires online (credit card) payments to be authenticated using a new version of 3D Secure, version 2.0. This version of 3D Secure allows frictionless authentication in some cases, to help improve conversions while simultaneously shifting the fraud liability from the merchant to the issuer.
For Commerce, v1.1 is available which includes updates for Stripe and Braintree that are SCA-ready. For a list of all payment methods and their SCA-readiness, please see the documentation.
For SimpleCart, the Stripe gateway has been updated to version 3 which is now available as pre-release.
The other gateways we offer either use hosted checkout pages (Adyen, Mollie, MultiSafePay, PayPal, SagePay) where SCA is the responsibility for the payment provider to implement, or they have not (yet) offered guidance on any upgrades necessary or do not intend to support SCA (Authorize.net, Paymill).
If you have any questions about these updates, please do let us know via [email protected].