SCA migration guide for plugins and developer libraries
Learn how to update your Stripe plugin or developer library to support Strong Customer Authentication (SCA).
Note
This SCA guide is designed for developers of Stripe plugins or libraries. If you’re a Stripe user looking for an SCA-ready plugin, visit Stripe Partners.
Do I need to support SCA for my users?
Businesses in the European Economic Area (EEA) accepting online payments from customers in the EEA require a different user experience, namely 3D Secure . Transactions that don’t follow the new authentication guidelines may be declined by a customer’s bank, as of 14 September 2019. This additional layer of authentication requires migrating to SCA-ready solutions like the new version of Checkout or the Payment Intents API, described in Step 2.
Identify your plugin on our platform
Plugins and third-party libraries should include identifying information so we can contact you about future changes or critical updates to the API. Use the setAppInfo function to provide those details in your Stripe integration.
We encourage you to join the Stripe Partner Programme, which includes free registration and more resources for developers building plugins. Learn more about suggested best practices.
Determine your integration path
Refer to the SCA migration guide to review the integration paths for the new version of Stripe Checkout, the Payment Intents API, the Setup Intents API, Stripe Billing, and iOS or Android. For developers of plugins or libraries:
- Choose Stripe Checkout when possible. Stripe’s new version of Checkout is a fully hosted payment page that can be branded by businesses, supports recurring subscriptions, and is the easiest way to provide SCA support to your users.
- For more control over your checkout experience, use the Payment Intents and Setup Intents APIs. These APIs work with Elements, Stripe’s customisable UI components for payment flows, and other Stripe APIs like PaymentMethods, Customers, and Connect. The Payment Intents and Setup Intents APIs display authentication flows like 3D Secure 2, save cards to use later, and ensure your integration is SCA-ready.
- Programmatically subscribe your user to webhooks: You can register a webhook endpoint for your account or connected accounts and manage them with the Webhooks API, simplifying setup for your users.
If none of these options work for your integration, please let us know.
Test dynamic authentication
After you have finished implementing the new integration path, configure your Dynamic 3D Secure Radar rules to test your integration using 3D Secure test cards. Make sure to test both successful and unsuccessful authentication cases.
Notify your users and Stripe
We recommend releasing an update for your users to let them know your payments solution is SCA-ready. You can share the guide to Strong Customer Authentication with your users to help them understand these regulatory changes. When you’ve released an SCA-ready update, please let us know as well.
Caution
Provide an SCA-ready update as soon as you’re finished updating. We direct users to SCA-ready solutions on the Stripe Partners page.