What is Strong Customer Authentication (SCA) and how will it impact your eCommerce website?

In an effort to improve security and reduce the threat of fraudulent activity online, the Financial Conduct Authority is seeking to further protect consumers who purchase goods and services online.

From 14th September it will be compulsory for businesses to do more to verify buyers’ identities when they are making purchases online, to ensure they are who they say they are. If your online store doesn’t comply, transactions will likely fail.

This EU enforced rule will affect every business that takes payments online. It is each businesses responsibility to make the necessary updates to their website to comply with the new regulation.

Why is SCA so important for my website?

Adding this extra layer of security means that when buying online, customers will be required to provide two independent sources of information to validate their identity:

  • Something only you know e.g. Pin
  • Something you have e.g. code sent to your phone
  • Something you are e.g. fingerprint

Providing a more secure environment for your customers to shop online will build trust with your customers and help with sales opportunities.

What are my next steps?

Many payment gateways companies have already updated the technologies they use to comply with the new regulation. For example, WooCommerce, one of the most popular eCommerce plugins on WordPress, has already upgraded their systems ready for you to update. If this is the case for your technology, you simply need to update to the latest versions of the provided technology to comply.

Please remember to always thoroughly test your website when updating it.

It is likely that most other payment gateway providers will also have updates available, if you have any questions, contact them directly. For example, Stripe has created instructions for customers in preparation for the changes. Equally, if your hosting providers are aware of the changes, they may update your technologies for you, it may be worth checking how they could help too.

How can Alberon help?

Alberon takes online security very seriously, and all affected Alberon Hosted Customers will be updated to ensure they are fully compliant by 14th September. If you would like any advice or need a hand implementing the right updates on your website, please get in contact. We will be happy to help in any way we can.

Why code reviews are essential to creating great software What is software rot and why should you update your systems?