Skip to main content

Transaction-specific strong customer authentication

We offer a separate daily data file containing transaction-specific strong customer authentication data to ease the issuer´s reporting requirements. In response to the European Central Bank’s, and subsequently the local authorities, requirements to provide payment statistics (ECB/2020/59), in addition to the existing DWH files we provide an additional daily report with transaction-specific information about strong customer authentication (SCA). The data provided will determine if SCA was performed, and if it wasn’t, which PSD2 exemption was applied.
  • File format: CSV
  • Frequency: Daily file
  • Institution specific report
  • Naming of the file: ‘InstitutionID + SCA + reporting date + reporting time’
    • Example: ‘123456_SCA_2021-11-22-09-37-55’
Sample
When determining the exemption for why SCA was not performed, there can be multiple reasons that apply. Enfuce uses an official prioritisation when deciding which exemption to use when multiple of them apply.

Prioritisation of SCA exemptions

  1. Is the transaction strong customer authenticated (“SCA”)?
  2. If not SCA, is it initiated outside EEA? If yes, then Outside EEA
  3. If not SCA, is it a contactless low value transaction? If yes, then Contactless Low Value
  4. If not SCA, is it initiated at an unattended terminal? If yes, then Unattended Terminal
  5. If not SCA, is it a recurring transaction? If yes, then Recurring Transaction
  6. If not SCA, is it a low value transaction? If yes, then Low Value Transaction
  7. If not SCA, is it a merchant initiated transaction? If yes, then Merchant Initiated Transaction
  8. If not SCA and none of the above apply, then Other