SCA Policy Framework

PXP have designed 4 SCA policies for processing online payments to suit all merchants, sectors and geographies and are working with merchants on implementing them in the way that best fits their trading patterns and customer base.

PXP's default SCA Policy is 1 for all merchants, however if a merchant requires a different policy set, then this can be requested during initial set up.

Alternatively, this can be dynamically set for each transaction by including it in the 3D Secure 2.0 Pre Authentication or 3D Secure 1.0 Enrollment requests under scaDetails.scaPolicy

Please see SCA Policy for more information.

Policy

Description

1

Apply strong customer authentication only when both the card issuer and acquirer are located within the EEA, using the 3DS version supported by the card issuer.
SCA exemptions to be applied by PXP where possible.
Default unless otherwise specified

2

Apply strong customer authentication on all payments regardless of where the card issuer is located, using 3DS 2.0.
If strong customer authentication is mandated but 3DS 2.0 is not supported by the card issuer, then use 3DS 1.0.
SCA exemptions to be applied by PXP where possible

3

Apply strong customer authentication on all payments regardless of where the card issuer is located, using the 3DS version support by the card issuer.
SCA exemptions to be applied by PXP where possible.

4

Do not apply strong customer authentication.