Payment authentication
Payment authentication refers to the verification of the payer's identity during a transaction — e.g., via PIN, fingerprint, SMS code, or banking app.
Payment authentication
Payment authentication is the process by which the identity of the payer is verified before a transaction is approved. Depending on the channel and risk level, different authentication methods are used.
At the POS (Point of Sale), authentication typically takes place by entering a PIN or biometrically (fingerprint, Face ID for mobile wallets). For contactless payments under EUR 80, the PIN can be waived in Switzerland.
In e-commerce, authentication is implemented through 3D Secure (Visa Secure, Mastercard Identity Check): the cardholder confirms the payment via banking app, SMS code or biometrically. Strong Customer Authentication (SCA) according to PSD2 requires at least two factors from the categories knowledge, possession and inherence.
Payment authentication examples
A customer pays in-store by card and enters their PIN — this is a single-factor authentication (knowledge).
A customer pays online via Visa. 3D Secure requires confirmation via banking app (possession) — a two-factor authentication.
Apple Pay uses Face ID (inherence) plus the registered device (possession) as two factors for each payment.
Payment Authentication FAQ
What is payment authentication?
Payment authentication is the verification of the payer's identity — via PIN, fingerprint, SMS code, or banking app. It ensures that only the authorized cardholder authorizes the transaction.
Which authentication methods are available for payments?
The three categories are: knowledge (PIN, password), possession (smartphone, hardware token), and inherence (fingerprint, facial recognition). Strong Customer Authentication (SCA) requires at least two of these.
When do I need to authenticate myself for a payment?
For online payments, almost always (3D Secure). At the POS for amounts over EUR 80 or after several consecutive contactless payments. For mobile wallets with every payment (biometric).
What are the three authentication factors?
Knowledge: something you know (PIN, password). Possession: something you have (smartphone, card). Inherence: something you are (fingerprint, face). SCA requires at least two of these.
