What is Strong Customer Authentication?
Whenever you try to confirm your request for legal advice or add a new credit card to your account, you might be asked to authenticate the payment with your bank via a pop-up screen. This protocol is part of Strong Customer Authentication (SCA), a new regulation for the European Economic Area requesting banks and payment providers to authenticate digital transactions. This authentication protocol provide an extra security to all your online transactions.
The most common way to authenticate an online transaction is an extra step upon checkout, where the user is asked – by their bank or payment provider – to provide additional information to complete a transaction (e.g. a password, SMS-verification or a fingerprint confirmation).
Do I need to authenticate every time I accept offers for legal advice?
It will depend on the price-offer/frequency and your bank’s authentication policy. Normally, you’ll need to authenticate every time you add or update a new credit card as a payment method.
How do I know this is actually secure?
The authentication will be carried out and secured by your bank or payment provider. The authentication process and its type (password, SMS or fingerprint) is not decided nor provided by LEGID, so if you have any queries regarding security, contact your bank or payment provider directly.
Any exemptions for SCA?
Some specific types of low-risk payments may be excluded from SCA. Upon transaction, your bank or payment provider will evaluate the risk level of the transaction, and further decide whether to apply the exemption or authentication is still obligatory.
For more information please read this article.
Note: Digital payments such as Apple Pay or Google Pay digital wallets are not subject to SCA protocols.