Strong Customer Authentication & 2FA

Strong Customer Authentication (SCA) is a new European regulatory requirement as part of the second Payment Services Directive (PSD2) for authenticating online payments and make them more secure.

There are some actions such as funding a transfer from your multi-currency account or viewing the statement that require SCA within the UK and EEA. SCA builds additional authentication by asking two of the following three elements: something the customer knows, something the customer has and something the customer is. If you don't integrate with it and make a request to an SCA protected endpoint, your request will be rejected.

Following those regulations, we need our API to be more secure by ensuring multi-factor authentication from the end-user of Wise account. Two mechanisms are in place depending on the product you are using:

• Personal Token SCA
• Authorization code access tokens or OAuth Flow SCA