Braintree’s SCA-ready solution will have the capability to pass flags and indicators when exemptions are requested - in other words, we will accommodate SCA exemptions if our merchants choose to use them. Obtaining an exemption essentially allows a transaction to take place without adhering to the SCA requirement of needing two factors of authentication. Under the regulatory guidelines, exemptions to SCA requirements will be allowed for certain types of transactions. It will also not apply to merchants that contract with acquiring banks licensed outside the EEA, even if the card is issued in the EEA region. SCA requirements will not apply to transactions processed on non-EEA-issued cards. The affected countries/regions include: Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom (including Guernsey, Jersey, and the Isle of Man).īraintree merchants located in Switzerland, Andorra, Monaco, and San Marino will also need to meet SCA requirements because their acquirer is located in the EEA. SCA will be required on card transactions in which both the merchant’s acquiring bank and the bank issuing the buyer’s debit or credit card are located within the European Economic Area (EEA). Inherence: Something they are (such as a fingerprint or other biometric). ![]() Possession: Something they have (such as a device or credit card).Knowledge: Something they know (such as a password or PIN).That means that for a transaction to be approved, merchants must collect and provide the card issuers with two of the following independent authentication factors: SCA mandates that two-factor authentication be performed on electronic payment transactions involving cards. Under PSD2, merchants will be required to use SCA on applicable transactions when executing a payment. ![]() To help address those questions, we’ll look more closely at SCA, including details on what’s required, key dates, information on exemptions, and an introduction to the latest update of the 3D Secure protocol - the solution that Braintree is recommending merchants adopt in order to be SCA-ready. SCA has been the source of a lot of questions - and a lot of uncertainty - for merchants who do business in the affected countries. For the latest information on the ever-evolving regulatory landscape, please refer to our SCA cheatsheet. These new requirements are part of the revised Payment Services Directive (PSD2) regulations and mandate that additional authentication measures be performed on certain electronic transactions. (Re)Infection / Hacking Remediation coverage after baselineĪfter the 30-days of the baseline, the malware cleanup, and hacking remediation is covered by the license and provided with no additional charge.On September 14, 2019, Strong Customer Authentication (SCA) requirements went into effect in Europe. If the website is (re)infected during the first 30 days of the subscription period, customer should upgrade to the Business plan (or any other plan that provides malware cleanup services) to perform a full website audit and find reinfection source. ![]() ![]() If detection occurs, the scan reports should be reviewed by Quttera support team and verified it is not false positive. For the period of the first 30 days from subscription, it is required that neither an internal scanner nor external scanner detects malware on the site in the license. The Basic plan is for the websites that are clean and do not require malware and/or blacklisting removal upon the subscription. Website hosting (dedicated server provider) allows a) modification of PHP parameters and b) read/write access to website files. Customer should have FTP/SFTP/SSH access to the website content. Installation is possible for PHP based websites only (CMSs such as WordPress, Drupal, Magento, Joomla, and others) on shared hosting or a dedicated server. The following addition to the terms and conditions are applied to consider the website valid for the Basic license: Installation requirements
0 Comments
Leave a Reply. |