Strong Customer Authentication (SCA) is a European regulatory requirement under the Second Payment Services Directive (PSD2) which enhances payment security and protects cardholders from fraud. The SCA security process applies to electronic payments, including in-person payments and e-commerce online purchases, within the European Economic Area (EEA). Payment transactions without SCA verification will be declined unless the transaction qualifies for an exemption. This process applies to all Bank of America branded Commercial Cards issued in Europe.
Electronic payments require that the cardholder verify their identity using elements that fulfil SCA requirements.
- For in-person payments: The cardholder completes the verification by inserting the card into the merchant’s POS terminal and entering their PIN.
- For e-commerce online purchases: The cardholder completes the verification process using one of the methods illustrated below.
Note: Verification processes may vary differ by Card Issuer. This guide outlines the process used by Bank of America.
1. Strong Customer Authentication via the Global Card Access app (recommended)1