Starting September 14, 2019, the European Union requires that all merchants in the EU and UK comply with the Strong Customer Authentication (SCA) requirements of the Payment Services Directive (PSD2). Merchants in all other countries are encouraged to comply with PSD2 as a best practice.
This topic is intended for informational purposes only and should not be construed as legal advice. To determine whether and how your business should comply with any legal obligations, consult with your legal counsel.
Strong Customer Authentication is a key component of PSD2, and requires two of the following:
European banks may decline payments that do not meet the requirements. However, low risk and low value transactions might still be accepted, and subsequent payments in a recurring subscription.
Due to this significant change and to ensure that customer payments are not declined, Adobe introduced the following changes and recommendations for native Commerce payment integrations.
|For most PayPal solutions, no action is required to comply with PSD2, because the requirements are handled by PayPal. For information about specific solutions, see the note at the top of each PayPal topic.
|Starting with the changeover to the installed extension in 2.4.0, the requirements are handled within the included Braintree Payments module and no action is required to comply with PSD2.
Note: To comply with PSD2 using the core integration in previous releases, do one of the following:
- (Recommended) Install the official Braintree payment integration extension from Adobe Commerce Marketplace.
- Enable and configure the Braintree payment method in the Commerce configuration.
|For all other payment integrations, check the available extensions on Commerce Marketplace. Ask your payment provider to recommend a solution for supporting PSD2 requirements.