SCA Authentication Event

A webhook event associated with the Strong Customer Authentication (SCA) process.

id stringrequired

Unique webhook event identifier.

timestamp date-timerequired

Represents RFC 3339, section 5.6 date-time.

authenticationProcess

object

eventId stringrequired

A distinct identifier for the SCA authentication event.

walletOperationId stringrequired

A distinct identifier for the wallet operation. This identifier is used to associate the wallet operation with the SCA authentication event.

authenticationMode SCA Authentication Mode (string)required

Possible values: [OUTSOURCED, EMBEDDED, HYBRID]

Mode of the Strong Customer Authentication (SCA) authentication process.

OUTSOURCED - The partner is responsible for handling the entire SCA process.
EMBEDDED - Paysafe is responsible for handling the entire SCA process, including user authentication and compliance with regulations like PSD2.
HYBRID - Paysafe manages the entire SCA process, excluding the communication with the end-user.

flow

object

required

The wallet flow that triggered the Strong Customer Authentication (SCA) process.

type SCA Authentication Flow Type (string)required

Possible values: [AUTHENTICATION, PREPAID_CARD, TRANSFER, WITHDRAWAL]

Type of the wallet flow that triggered the Strong Customer Authentication (SCA) process.

AUTHENTICATION - User authentication.
PREPAID_CARD - Prepaid card details.
TRANSFER - Money transfer payments.
WITHDRAWAL - Withdrawal payments.

properties

object[]

The specific properties of the wallet flow that triggered the Strong Customer Authentication (SCA) process.

Array [

key SCA Authentication Flow Property Key (string)required

Possible values: [PAYMENT_ID, TRANSACTION_ID, SLIP_ID]

The property key associated with the specific properties of the wallet flow that triggered the Strong Customer Authentication (SCA) process.

PAYMENT_ID - Unique payment identifier (transferId or withdrawalId).
TRANSACTION_ID - Unique transaction identifier (transactionId).
SLIP_ID - Unique slip identifier (slipId).

value stringrequired

The value associated with the property key.

]

verification

object

required

Verification details associated with the SCA authentication event attempt.

method SCA Authentication Event Attempt Verification Method (string)required

Possible values: [PASSWORD, PIN, PASSKEYS, OTP, PUSH_NOTIFICATION, BIOMETRIC]

Method used for verifying the SCA authentication event attempt.

PASSWORD - A secret combination of characters, typically chosen by the user, used to authenticate their identity.
PIN - A numeric code, typically six digits, used to authenticate the user's identity.
PASSKEYS - A set of predefined keys or a pattern chosen by the user to authenticate their identity.
OTP - One-Time Password sent via SMS, email, or authenticator application to the user's registered device.
PUSH_NOTIFICATION - A notification sent to the user's mobile device prompting them to approve or deny the authentication request.
BIOMETRIC - Authentication based on unique physical characteristics of the user, such as fingerprint, facial recognition, or iris scan.

channel SCA Authentication Event Attempt Verification Channel (string)

Possible values: [SMS, EMAIL, AUTHENTICATOR]

Channel used to send the verification method to the user.

SMS - Verification method sent via SMS to the user's registered device.
EMAIL - Verification method sent via email to the user's registered address.
AUTHENTICATOR - Verification method generated by an authenticator application installed on the user's device.

value string

The value associated to the authentication event attempt, which must be communicated via a secure notification mechanism.

creationTime date-timerequired

Represents RFC 3339, section 5.6 date-time.

expirationTime date-time

Represents RFC 3339, section 5.6 date-time.