What is Strong Customer Authentication (SCA)?
Strong Customer Authentication was defined in the European Banking Authority's Regulatory Technical Standards. SCA aims to improve customer security by increasing the strength of their authentication when logging into online banking, from only their username and password to two or more independent multi-factor identification elements. These include something only the user knows (e.g. a one-time password or secure key), something only the user possesses (e.g. a mobile phone) or something part of the user (e.g. a fingerprint). SCA was made mandatory under PSD2 and will be implemented in phases. TPPs operating under open banking must update their user login methods in line with these new SCA requirements.