Skip to main content

Encap SCA

About Encap SCA

Encap SCA is our on-prem Strong Customer Authentication (SCA) mobile product. Encap SCA leverages multi-factor authentication (MFA) to verify that the authorised end-user is the person making the transaction, and not an unauthorised third party, such as a hacker or fraudster.

Our MFA solution uses a combination of something the end-user has, such as a mobile device, with either:

  • Something the user knows, such as a PIN code.
  • Something the user is, such as biometrics. For example, this could be fingerprint or facial recognition.

Omnichannel, global and compliant

Encap SCA is an authentication product that allows your end-users to use their mobile device to authenticate and authorise transactions through your mobile app. The device uses on-device biometrics or an end-user selected PIN code, in combination with the device itself, to achieve two-factor authentication.

It is built to support omni-channel transactions. This means that the transaction will always be approved by your end-user in your mobile app, regardless of the channel in which the transaction was initiated. Encap SCA can be used in any country, allowing you to use a single solution across your global business.

Encap SCA complies with the Payment Services Directive (PSD2) and the General Data Protection Regulation (GDPR).


Encap SCA has a layered security strategy. This means that we regularly add new layers of security to ensure that our product keeps up with the threat landscape.

Our security features can help you prevent and reduce fraud by protecting against various types of mobile attacks, including:

Man-in-the-middle (MITM) attacks

Encap SCA provides multiple layers of security to prevent a hacker from intercepting the communication between the mobile app and the backend system. For example, we use end-to-end encryption (E2EE) and an operation context to prevent unauthorised access.

Phishing attacks

Phishing attacks where the end-user is tricked into giving away their credentials are becoming more frequent. Encap SCA can help prevent these types of attacks by using server-side biometrics and an operation context to verify the user and prevent unauthorised access.

Device cloning

Cloning a device can give an attacker access to all of the end-user's installed apps, including mobile banking apps. Encap SCA uses hardware-protected keys and dynamically generated authentication keys to detect if a device is a clone. If a cloned device is detected, all operations on that device are rejected.


There are two ways to integrate with Encap SCA.

Integration with SDK

The most common integration path uses the following components:

  • Encap SCA server
  • Mobile SDK for Android and iOS

The server is deployed in your infrastructure and exposes all operations through REST APIs. The SDK is integrated into your mobile app to give you complete control over the user journey and experience.

Diagram showing integration with Encap SCA via SDK

Diagram showing integration with Encap SCA via SDK

Integration with Authenticator App

If you do not have a mobile app or if you wish to have a standalone Authenticator App, we offer a white-label Authenticator App that you can use.

This integration path uses the following components:

  • Encap SCA server
  • Authenticator App
Authenticator App

The Authenticator App is available for both Android and iOS . You can read more about it in our Authenticator App documentation.

Diagram showing integration with Encap SCA via Authenticator App

Diagram showing integration with Encap SCA via Authenticator App

Use case examples

Encap SCA is built flexibly, to enable you to implement any use case that you might have. Here are some examples of how the solution is being used today:

  • Authenticate an end-user in mobile app scenarios
  • Authenticate an end-user in web scenarios
  • PSD2-compliant payment authorisations
  • Customer support identifications
  • Onboarding and re-onboarding
  • 3DS payment authorisations
  • Consent signatures


Encap SCA is a tool to drive mobile business. Today it has millions of end-users who use this technology to perform authentications and authorisations across Europe.

Here are some examples of where Encap SCA is being used today:

  • Banking
  • Wealth management
  • Insurance
  • Healthcare
  • iGaming

Customer cases

You can read about how our customers are using our solutions today in our customer cases:

Encap SCA components

Try it out


For any further queries, you can contact us at