What app developers need to know about the new EU payment regulation?

Last year the European Union has announced new Strong Customer Authentication (SCA) requirements for online payments above €30 in the European Economic Area. Starting 2021, the legislation comes into force. 

  • Apple will support SCA both for the App Store and Apple Pay
  • Waiting for more news from Google
  • Stripe also supports SCA

In this article, we will try to explain what exactly developers should expect.

Qonversion also will support SCA for StoreKit in-app purchases and subscriptions so you can be sure your purchases will be handled correctly.

What is going?

Shortly – the European Union has accepted a revised version of Payment Services Directive (PSD2) and requires Strong Customer Authentication (SCA) for online purchases above €30 to protect the European residents against fraud. The regulation is mandatory to protect all online payments through credit or debit card by the bank or payment provider’s authentication before the transaction can be completed. This requirement applies to websites and app stores, so Apple App Store also needs to support SCA.

Countries that belong to the EEA include

 Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Sweden.

Let’s look deeper at the details

  • It affects auto-renewable subscriptions but only for the first transaction (if the amount is to change, the SCA will apply)
  • The regulation affects only purchases above €30
  • We do not know if it affects subscriptions with free trial (if the agreement of subscription happens at the start of trial (i.e. subscribe now, get first x days free, if you don’t like, then unsubscribe, then it will not. However, if the payment agreement kicks in after the free trial ends, then SCA will be in action and will complicate conversion rates.) 

Visa about SCA and recurring transactions: SCA must be applied when the series is set up, or to the first transaction in the series (if the first transaction is initiated by the payer)

How users will approve purchases

We expect it to be similar to 3D-secure – when purchases happen, you receive an SMS code from your bank or a push notification from your bank’s app. 

The main question is how it will affect the conversion from install to trial. The regulation has exemptions, and providers like Apple or Stripe can request them.