Menu

Expand
Rate this page:

PSD2 Compliant Authentication with Authy

For new development, we encourage you to use the Verify API instead of the Authy API. The Verify API is an evolution of the Authy API with continued support for SMS, voice, and email one-time passcodes, an improved developer experience and new features including:

  • Twilio helper libraries in JavaScript, Java, C#, Python, Ruby, PHP, and Golang
  • Access via the Twilio CLI
  • Improved Visibility and Insights
  • Push authentication SDK embeddable in your own application

You are currently viewing the Authy API. New features and development will be on the Verify API. Check out the FAQ for more information and the migrating to Verify guide to get started.

The European Payment Services Directive (PSD2) regulation requires Strong Customer Authentication (SCA) for all transactions over €30 by 31 December 2020 (14 September 2021 for the UK). This page will show you how to implement a compliant solution for your application using the Authy API. For more detail on PSD2, SCA, and dynamic linking, check out this post.

The Authy API supports 3 channels for PSD2 compliant authorization.

SMS Authorization for PSD2

Use the action and action_message parameter to tie the verification to a specific transaction. The same values are required to verify the token.

Resources:

action_message for psd2 sms

        
        
        

        Push Authorization for PSD2

        Display transaction details in the Authy App. Each authorization is signed by the end user's device and linked to that specific transaction.

        Resources:

        psd2 push auth

              
              
              
              Include "Payee" and "Amount" in details

              Authy Push Authorization - PSD2 Compliant

              Include "Payee" and "Amount" in details

              Soft Token (TOTP) Authorization for PSD2

              Offline support with transactional TOTP codes in the Authy app. Transaction details are mixed with the application secret to create a unique code tied to the transaction.

              Resources:

              Scan transactional TOTP QR code

              Rate this page:

              Need some help?

              We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Community Forums or browsing the Twilio tag on Stack Overflow.

              Thank you for your feedback!

              We are always striving to improve our documentation quality, and your feedback is valuable to us. Please select the reason(s) for your feedback or provide additional information about how we can improve:

              Sending your feedback...
              🎉 Thank you for your feedback!
              Something went wrong. Please try again.

              Thanks for your feedback!

              Refer us and get $10 in 3 simple steps!

              Step 1

              Get link

              Get a free personal referral link here

              Step 2

              Give $10

              Your user signs up and upgrade using link

              Step 3

              Get $10

              1,250 free SMSes
              OR 1,000 free voice mins
              OR 12,000 chats
              OR more