Getting SCA ready with WooCommerce Stripe payment gateway

Last updated on May 25, 2023

WooCommerce Stripe Payment Gateway plugin automatically conforms to SCA without making any additional settings. We ensure that your customer has to go through all these authentications only if truly necessary. And when the customer does need to authenticate, it is done with reliable technologies like biometric ID and 3D secure2.

About SCA

As a part of the second Payment Service Directive (PSD2) regulation, Strong Customer Authentication (SCA) has been introduced in Europe for ensuring secure online payment transactions.

The regulation demands to have a two-way authentication for all online payment transactions. Transactions that fail to meet the SCA authentication parameters may be declined by the concerned banks.

In order to ensure SCA compliance for online payments, you will have to implement an additional authentication in the checkout flow. To comply with the SCA requirement, the customer’s identity has to be verified using at least two of the following:

Something the user KNOWS (e.g. password, pin)
Something the user HAS (e.g. ID card, mobile phone)
Something the user IS (e.g. biometrics)

How SCA changes the checkout workflow?

The checkout with SCA compliance may require you to have an additional authentication step(dynamic authentication) in the checkout workflow.

Payment initiation
To initiate a payment, the customer will have to enter the card details and complete the checkout form.
Prompt dynamic authentication
The stripe platform may check the necessity for authentication. Depending upon the bank, it uses the 3Dsecure2 to initiate a one-time passcode or biometric ID for authentication.
Payment completion
Once the authentication is successful, the payment will be completed.

With SCA, customers will be made to re-authenticate their purchases with a stored card by returning to a website or app. This may be tough for the business systems to manage, frustrated for customers to deal with eventually making the checkout a complicated process. This aside, the authentication procedure may also vary depending on the different localities, the bank involved, and the card network.

For understanding each feature of the plugin, refer to the product setting up article.
Or check out the documentation section for more related articles.

To know more about the product, check out the Stripe Payment Gateway Plugin for WooCommerce.

Article by Shesna

Shesna is a technical content writer for WebToffee. She is familiar in working closely with the SMEs to break down complex technical information into a concise, easy to understand manner.

Alek

December 30, 2019

So your Plugin Woocommerce Stripe Payment Gateway is automatically SCA conform without making any extra settings?

Reply
- Mark
  
  December 30, 2019
  
  Hi Alek,
  
  Yes, The plugin is SCA compliant without any extra settings.
  
  Reply
  - Abid Hussain
    
    November 22, 2021
    
    I have configured the plugin, the normal flow working but its not asking for 3d authentication. Can you help me how to activate 3d secure process?
    
    Reply
    - Mark
      
      November 23, 2021
      
      Hi Abid,
      
      Are you checking in live or sandbox mode?
      
      Reply

Got any query? Please leave a comment or reach out to our support
Cancel reply

Plugin spotlight

WooCommerce Stripe Payment Gateway

4.88

$59 – $189

View product

On this page

About SCA
How SCA changes the checkout workflow?

Cookie	Description
__cfruid	Cloudflare sets this cookie to identify trusted web traffic.
__stripe_mid	Stripe sets this cookie cookie to process payments.
__stripe_sid	Stripe sets this cookie cookie to process payments.
cookielawinfo-checkbox-advertisement	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-necessary	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-preferences	This cookie is set by the GDPR Cookie Consent plugin to check if the user has given consent to use cookies under the "Preferences" category.
CookieLawInfoConsent	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
PHPSESSID	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user sessions on the website. The cookie is a session cookie and is deleted when all the browser windows are closed.
viewed_cookie_policy	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not a user has consented to the use of cookies. It does not store any personal data.

Cookie	Description
_ga	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randomly generated number to identify unique visitors.
_ga_BQH8MSKD4M	This cookie is installed by Google Analytics.
_gat_gtag	Identification code of website for tracking visits.
_gid	This cookie is installed by Google Analytics. The cookie is used to store information on how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
_hjAbsoluteSessionInProgress	Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjid	Hotjar cookie. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjIncludedInPageviewSample	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.
_hjIncludedInSample	This cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate heatmaps, funnels, recordings, etc.
_hjIncludedInSessionSample	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit.
_hjTLDTest	To determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails.
CONSENT	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
has_recent_activity	This cookie is used to signal to the code repository website if the user has browsed other website resources during the current session.
tk_ai	Gathers information for our own first-party analytics tool about how our services are used. A collection of internal metrics for user activity and is used to improve user experience.
tk_lr	This cookie is set by the JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack.
tk_or	This cookie is set by the JetPack plugin on sites using WooCommerce. This is a referral cookie used for analyzing referrer behavior for Jetpack.
tk_qs	Gathers information for our own first-party analytics tool about how our services are used. A collection of internal metrics for user activity and is used to improve user experience.
tk_r3d	The cookie is installed by JetPack. Used for the internal metrics for user activities to improve user experience.

Cookie	Description
_fbp	This cookie is set by Facebook to deliver advertisements when they are on Facebook or on a digital platform powered by Facebook advertising after visiting this website.
fr	The cookie is set by Facebook to show relevant advertisements to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook Pixel or Facebook social plugin.
VISITOR_INFO1_LIVE	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
_hjSession_1376571	30 minutes	No description
_hjSessionUser_1376571	1 year	No description
_octo	1 year	No description available.
_zendesk_authenticated	past	No description
_zendesk_session	session	No description available.
_zendesk_shared_session	session	No description available.
edd_wp_session	12 hours	No description available.
logged_in	1 year	No description available.
m	2 years	No description available.

Getting SCA ready with WooCommerce Stripe payment gateway

About SCA

How SCA changes the checkout workflow?

Got any query? Please leave a comment or reach out to our support Cancel reply

Got any query? Please leave a comment or reach out to our support

Got any query? Please leave a comment or reach out to our support
Cancel reply