Strong CustomerAuthentication (SCA) is a European regulatory requirement on payment security. Its aim is to improve the security of online payments and it applies to most of them, depending on the security conditions defined by their bank.
The SCA now applies to your customers' payments:
when they use your elloha booking engine on your website,
when you collect all or part of their bookings by credit card from your elloha back office using a platform such as Stripe or PayBox, but also if you use your own virtual payment terminal,
Note that the request for strong authentication is made at the initiative of your customer's bank (the bank card issuer) and that this request is not systematic. It can be triggered randomly or systematically depending on :
the amount to be debited
the type of card used by the customer,
the location from which the customer is making the payment (e.g. the bank may suspect fraud if the customer, based in France, makes the payment from an IP address in Asia, for example)
However, please note that some transactions are not covered by this strong authentication:
transactions carried out by email and telephone are exempt ( MOTO type transactions: Mail Orders and Telephone Orders). In this case, you must have a compatible Eftpos terminal (and therefore one authorised by the contract between you and your bank) to carry out MOTO transactions. Otherwise, you will not be able to cash bankcards without the risk of a strong authentication request being triggered.