Authentication

Customer authentication is a fundamental process in digital banking. Customers must authenticate themselves when performing sensitive actions, such as changing personal data or authorizing transactions.

You must integrate the mandatory authentication features below to onboard customers to Solaris products.

Authentication features

Device binding

Device binding is a prerequisite for Strong Customer Authentication (SCA). It links a specific physical device (e.g., a smartphone) to the customer's account, allowing it to act as a trusted second factor for verifying requests.

Strong Customer Authentication (SCA)

Strong Customer Authentication (SCA) is a regulatory requirement under PSD2 for all banks in the European Economic Area (EEA).

You must implement SCA to ensure customers use two distinct authentication factors (e.g., a password and a bound device) to authorize sensitive actions.

3D Secure (3DS)

3D Secure (3DS) is a security protocol that adds an extra layer of protection to online card payments.

You must integrate 3DS to enable online transactions. It requires the customer to authorize payments via an SMS OTP or an in-app notification.

PSD2 SCA flow (Third-Party Providers)

The PSD2 SCA flow allows customers to authorize Third-Party Providers (TPPs) to access their accounts.

In this flow, the authentication responsibilities are split:

  • Partner (You): Handle the First Factor (1FA) via login.
  • Solaris: Handles the Second Factor (2FA) via a One-Time Password (OTP).