Strong Customer Authentication

14th September 2019

eu psd2 sca 2017 gpn data

What is Strong Customer Authentication?

Strong Customer Authentication (SCA) is a new European regulatory requirement that aims to reduce fraud and make payments more secure. The specific requirements of SCA are contained in the Regulatory Technical Standards. is committed to introducing an ultra-secure SCA solution that maintains our value of a great customer experience.

When does SCA come into effect?

SCA comes into effect on the 14th September 2019.

How does SCA work?

From the 14th September when accessing your account or approving certain actions, you will be required to authenticate yourself using two out of three of the following:

  1. Something you know – i.e. password or PIN
  2. Something you have – i.e. mobile application
  3. Something you are – i.e. fingerprint or facial recognition

Why is this happening?

The second Payment Services Directive (PSD2) came into effect on the 13th January 2018 which contained 12 mandates. One of these mandates covered strong customer authentication, the Regulatory Technical Standards (RTS) which are effective from the 14th September 2019, detail how the mandate should be implemented. Accordingly, all account providers, online retailers etc. are required to comply with these Standards.

When is SCA applied?

SCA will be used when you do any of the following actions on your account:

  1. Access your account,
  2. Initiate a payment,
  3. Initiate an action which may imply a risk of payment fraud, such as creating a new payee.

Can I opt out of using SCA?

No, the EU directive is mandatory and all customers will be required to complete SCA.

What do I need to do?

Nothing will change for now, but you should download the mobile app and ensure you can access it. The mobile app will be the central tool used to authenticate users once SCA becomes effective.

Please also verify you can access your registered mobile number. To validate that it’s you completing online card transactions, we will send a code via SMS which you’ll then need to enter online.

© 2015 – 2023 Fire Financial Services Limited trading as and Fire.
Fire Financial Services Limited (Fire-EU) is regulated by the Central Bank of Ireland, Reference No: C58301. Registered address: Dogpatch Labs, The CHQ Building, Custom House Quay, Dublin 1, D01 Y6H7, Ireland. Incorporated in Dublin, Ireland, Registration No: 464819.
Fire Financial Services Limited (Fire-UK) is authorised as an Electronic Money Institution by the Financial Conduct Authority, Reference No: 900983. Registered Address: The Rise, 41 Luke Street, London, United Kingdom, EC2A 4DP. Incorporated in England and Wales, Registration No: 11549793.