Strong Customer Authentication (SCA) – a pivotal part of PSD2 guidelines – requires customers to provide two forms of authentication during certain transactions. If a payment requires SCA, customer transactions will be declined without the correct authentication.
A one-time password (OTP) – also commonly known as a verification code – is a randomly generated password sent to an individual when they need it. Is SMS OTP SCA compliant? How secure is OTP? Moreoever, should you include it in your PSD2 SCA?
Read our white paper to find out whether you should use SMS for your strong customer authentication, and if you do, how could you make sure it is secured.