Strong Customer Authentication is when we authenticate a user with at least two of the following authentication family: 

  • something I own (eg: my device)
  • something I know (eg: my password)
  • something I am (eg: my fingerprint)

These should be verified by a single system

We must be able to prove the use of SCA and consent of a user an any time

=> Digital Signature