Level up your Twilio API skills in TwilioQuest, an educational game for Mac, Windows, and Linux. Download Now


Rate this page:

Thanks for rating this page!

We are always striving to improve our documentation quality, and your feedback is valuable to us. How could this documentation serve you better?

PSD2 Compliant Authentication with Authy

The European Payment Services Directive (PSD2) regulation requires Strong Customer Authentication (SCA) for all transactions over €30 by September 2019. This page will show you how to implement a compliant solution for your application using the Authy API. For more detail on PSD2, SCA, and dynamic linking, check out this post.

The Authy API supports 3 channels for PSD2 compliant authorization.

SMS Authorization for PSD2

Use the action and action_message parameter to tie the verification to a specific transaction. The same values are required to verify the token.


action_message for psd2 sms


        Push Authorization for PSD2

        Display transaction details in the Authy App. Each authorization is signed by the end user's device and linked to that specific transaction.


        psd2 push auth

              Include "Payee" and "Amount" in details

              Authy Push Authorization - PSD2 Compliant

              Include "Payee" and "Amount" in details

              Soft Token (TOTP) Authorization for PSD2

              Offline support with transactional TOTP codes in the Authy app. Transaction details are mixed with the application secret to create a unique code tied to the transaction.


              Scan transactional TOTP QR code

              Rate this page:


              誰しもが一度は考える「コーディングって難しい」。そんな時は、お問い合わせフォームから質問してください。 または、Stack Overflow でTwilioタグのついた情報から欲しいものを探してみましょう。