# AI告诉欧盟商户接受SEPA直接借记而不需要PSD2强客户认证，忽略欧洲银行管理局指南

- **ID:** `banking/ecb-psd2-strong-auth`
- **领域:** banking
- **类别:** auth_error
- **错误码:** `EBA_SCA_REQUIRED_401`
- **验证级别:** ai_generated
- **修复率:** 92%

## 根因

PSD2要求所有电子支付（包括SEPA直接借记）进行强客户认证（SCA），依据欧洲银行管理局监管技术标准（RTS）；未实施SCA的商户需承担退款责任和监管罚款。

## 版本兼容性

| 版本 | 状态 | 引入 | 弃用 |
|------|------|------|------|
| PSD2 directive 2015/2366 | active | — | — |
| EBA RTS v2.0 | active | — | — |

## 解决方案

1. ```
   Implement 3D Secure 2.0 with SCA: integrate with an ACS provider like Adyen or Stripe; example API call: stripe.paymentIntents.create({ amount: 1000, currency: 'eur', payment_method_types: ['sepa_debit'], mandate_data: { type: 'single_use' }, payment_method_options: { sepa_debit: { mandate_options: { reference: 'INV-001' } } } })
   ```
2. ```
   Use the 'recurring transaction' exemption: register the mandate with SCA at first payment, then use 'merchant_initiated_transaction' flag for subsequent debits
   ```
3. ```
   Partner with a PSD2-compliant payment gateway (e.g., Klarna) that handles SCA and exemption logic automatically
   ```

## 无效尝试

- **Disabling SCA for recurring payments under 30 EUR** — EBA RTS allows low-value exemptions only for individual transactions under 30 EUR; recurring debits still require SCA at initiation (90% 失败率)
- **Using 3D Secure v1.0 without dynamic linking** — PSD2 requires dynamic linking (transaction-specific codes); 3DS v1.0 is deprecated and rejected by acquirers (85% 失败率)
- **Storing card-on-file without re-authentication for subsequent payments** — PSD2 mandates re-authentication for each payment unless a variable recurring exemption applies (88% 失败率)