The European Payment Services Directive (PSD2) aims to provide more secure credit card transactions and protect cardholders from fraud by adding an extra layer of security to customer-initiated transactions (CIT). This is called Strong Customer Authentication (SCA).
SCA is a two-factor authentication (2FA) requirement wherein, during a consumer-initiated transaction (CIT), the cardholder must provide two of the three elements:
- Something the cardholder knows (such as passwords, passphrases, PIN, sequences, and secret facts)
- Something the cardholder owns (such as cellphones, smartwatches or other wearable devices, smart cards, tokens, and badges)
- Something the cardholder Is (fingerprints, facial recognition, voice patterns, iris format, and DNA signatures)
How Does SCA Work? #
With SCA enabled, a pop-up window will appear when your customers make a payment, asking them to authenticate with 2FA, adding an additional layer of security to your customer-initiated transactions.
The SCA authentication is a process dictated by the customer’s issuing bank. Some banks require the customer to log in using their Username and Password, while others may require a key generator to authenticate on a mobile device or computer.
Supported Gateways #
SCA is currently available for the following two gateway integrations:
- Adyen (see Adyen Gateway Guide)
- Cybersource (see Cybersource Gateway Guide)
Note: Once SCA is enabled on Adyen’s end, you won’t need to enable it on your Salesforce Gateway record. SCA is built into the Adyen integration and will automatically detect EU merchants and EU Credit Cards.
What Chargent Features Use SCA? #
SCA is available for customer-initiated transactions (CIT) when using the following Chargent features:
Payment Request
When your internal Salesforce users create a Payment Request, your customer will receive an email with a payform link. When they access the link and enter their credit card information, they will receive a pop-up notification requesting authentication.
Learn more about this feature by visiting Payment Request.
Take Payment Component in Communities
The Take Payment component allows you to add a payform within your community site. Your customers can access their account at any time, allowing them to make self-service payments. When they enter their credit card information, they will receive a pop-up notification asking for authentication.
Get started with Take Payment in your Salesforce Community.
Testing SCA #
After setting up Payment Request and/or Take Payment, we recommend running multiple test transactions to verify that your SCA implementation is working. Every gateway uses its own SCA test credit card numbers to allow you to test SCA before going live. These are different from the test credit cards provided for standard testing. You should always test your changes in a Salesforce Sandbox before rolling them out in Production.
Use the test SCA credit card information for your gateway:
When you enter the test SCA credit card information and click to make a payment, you should see a pop-up asking you to authenticate by entering an additional authentication factor. Keep in mind that the information requested depends on the issuing bank. For example, some banks require the customer to log in using their Username and Password, while others may require a key generator to authenticate on a mobile device or computer.

Once you submit your authentication, you will receive a message stating, ‘Your payment was submitted successfully’.
See Also
Security and PCI Compliance
Adyen Gateway Guide
Cybersource Gateway Guide