Strong Customer Authentication - SCA


Strong Customer Authentication (SCA), a new EU regulation coming into effect on September 14, 2019. This will change to how your customers authenticate online payments. With SCA, card payments will have a different user experience. In Glofox this means your customers will mainly see 3D Secure when adding a card. From time to time your customers may be asked to authenticate a payment. 


Adding a card


Adding a card will be a similar experience for your members. When they get to the cart they will click add card as usual. After they enter their card details Glofox checks with your client's bank if they need to see the 3D Secure page. The majority of banks in Europe will say they need to fill out 3D Secure. The card is then saved on your client's account.


If your client has a card issued outside of the EU they are unlikely to see the 3D Secure page. In this case, adding a card will be the same as it currently is.


Making the first payment with a card

In general, when your clients add a card they make a payment soon after. This first payment will not need authentication. Future payments may need authentication


Making a payment with a saved card

Saved cards can be used in two ways:

- A subscription payment

- A payment for one of your services or products. Eg; Clients booking a class and pays with a saved card


Making these charges will now have one significant new step. When a charge is made we check with the bank if this payment needs authentication. If the bank says no, the payment goes through the same as it currently is.

The change comes when the bank says yes. If this happens your clients will receive an email to authenticate the payment. At this point, the payment will show in your Glofox account as Needing Authentication.


The email contains a link to the approval page. On the approval page, they will see a summary of the payment; amount, date, service. Once the client approves the payment the money will come out of their account. The payment will be marked as Paid


This example goes through how a member on a subscription membership could be impacted:



How your clients authenticate payments

Your clients will receive an email which looks like this:


Your logo and business name will show. Your client must click Authorise payment, they will then be taken to a page to complete the authorisation. In most cases, these pages will show their banks 3D Secure page in a pop-up but this depends on the bank that issued their card.

How to see payments waiting to be authorised

You can see payments needing authorisation in two places:

  • The transaction list in Reports
  • Your client's profile

Transaction list



Along with your paid and failed payments, you will see a new status, Pending Authorisation. This means your client has been sent an email to authorise the payment but they have not actioned it yet.

Your client needs to go to their email and follow the link to complete authorisation

Clients Profile




Your client cannot find the email

If your client cannot find the email to authenticate you can always resend it to them


There is no limit to the number of times you can resend the email. If your client clicks Autherise in the same email two times they will see an message letting them know they have already authorised this payment

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.