Payer Authentication
Payer authentication is run before a transaction is submitted for authorization. Most of
the time payer authentication is bundled with authorization so that after payer
authentication happens, the transaction is automatically submitted for authorization.
Payer authentication and authorization can be configured to occur as separate
operations. This section shows you how to run payer authentication as a separate process
and pass the payer authentication data when seeking authorization for a transaction.
Payer authentication consists of a two-step verification process that adds an extra layer
of fraud protection during the payment process. During transactions, the transaction
device, location, past purchasing habits, and other factors are analyzed for indications
of fraud. This process collects customer data during the transaction from at least two
of these three categories:
- Something you have: A payment card or a payment card number
- Something you know: A password or pin
- Something you are: Facial recognition or fingerprint
Each of these payment card companies has its own payer authentication product:
- American Express: SafeKey
- Discover: ProtectBuy
- JCB: J/Secure
- Mastercard: Identity Check
- Visa: Visa Secure
Payer authentication can be used to satisfy the Strong Customer Authentication (SCA)
requirement of the Payment Services Directive (PSD2). SCA applies to the European
Economic Area (EEA) and the United Kingdom. SCA requires banks to perform additional
checks when customers make payments to confirm their identity.
Related Information
- See the Payer Authentication Developer Guide for more information about payer authentication.
- See Payer Authentication Processing for information about how to process payments with payer authentication.