What you need to know
- Apple is alerting developers to prepare for Strong Customer Authentication in the EEA.
In a news update on the Apple Developer website, the company is reminding developers whose apps are available in the European Economic Area that purchases will need to be compliant with the new Strong Customer Authentication requirements.
Apple has noted that the App Store and Apple Pay will support the new authentication requirements, and is recommending that developers review their implementation of StoreKit and Apple Pay in their apps to ensure they are ready for the change as well.
Online purchase flows for users in the European Economic Area may be impacted by the European Union's upcoming Strong Customer Authentication requirements. The App Store and Apple Pay will support Strong Customer Authentication. We recommend that you verify your app's implementation of StoreKit and Apple Pay to make sure purchases are handled correctly.
The new requirements are set to go into effect on December 31, 2020, and Apple has listed what is changing for developers:
The second Payment Services Directive (PSD2) is a European Union regulation that requires Strong Customer Authentication (SCA) for certain online purchases in order to protect against fraud. When certain transactions are initiated via credit or debit card on a website, in an app, or on the App Store, they must be authenticated by the bank or payment service provider before they can be completed.
- For auto-renewable subscriptions, SCA is required only for the first transaction.
- Purchases under €30 may not require SCA.
- Purchases made with Apple Pay, which already meets SCA requirements, will not require additional authentication.
- Purchases made with mobile phone billing, other payment services, or an Apple ID balance (from gift cards or adding funds) will not require additional authentication.
Developers can learn all about the changes and what to do to ensure that their apps are ready on the Developer website.
