Stripe Support of Strong Customer Authentication


Version 3 of the official Gravity Forms Stripe Add-On made a number of changes to bring our add-on into line with Stripe’s updates around Strong Customer Authentication (SCA) and their new API. This article gives you the basics regarding SCA.

What is SCA (Strong Customer Authentication)?

SCA is a requirement of the EU Revised Directive on Payment Services (often referred to as just PSD2), that affects payment service providers within the European Economic Area. It is intended to ensure that electronic payments are performed with multi-factor authentication, to increase the security of electronic payments.

How does this affect Stripe?

This directive affects all payment gateways that want to collect payments from financial institutions who will be requiring SCA. To that end, Stripe has updated their API to ensure they can meet these requirements. Stripe has a suite of documentation to describe the implications for them and their customers.

So will all my transactions through Stripe now work with financial institutions using SCA?

It will depend upon the collection method you use. Payments collected using:

…are both SCA ready.
Collecting information using the Gravity Forms Credit Card field does not comply with SCA requirements.

I don’t need any of the security of SCA, does this affect me?

Not in practice, no, but do note that the 3.0 update also modified the flow for Stripe Checkout, and removed some existing Stripe Add-On hooks. Review this guide to see a list of those changes.