LoginRadius launches SCA engine for PSD2 compliance

LoginRadius said it has launched a new Strong Customer Authentication engine inside its Identity Orchestration platform to help financial institutions, fintechs and digital commerce companies meet PSD2 rules without adding checkout friction. The release adds OAuth 2.1, PAR and RAR support, plus risk-based orchestration and transaction binding designed to reduce fraud and chargebacks.

Why it matters: - Financial institutions and payment platforms need stronger authentication without hurting conversion rates. - LoginRadius is targeting PSD2 compliance with tools meant to reduce transaction fraud, limit chargeback exposure and avoid regulatory penalties. - The release focuses on keeping sensitive payment data off vulnerable client-side channels.

What happened: - LoginRadius announced a next-generation Strong Customer Authentication engine on June 30, 2026. - The SCA engine is integrated into LoginRadius Identity Orchestration platform. - The company positioned the launch for financial institutions, fintechs and large-scale digital commerce platforms. - Kundan Singh, VP Engineering and InfoSec at LoginRadius, said the new capabilities are designed to balance regulatory compliance with smoother user workflows.

The details: - The SCA framework adds native support for OAuth 2.1 and OpenID Connect specifications. - Cryptographic dynamic linking binds user approval to the payment amount and payee through server-generated tokens. - Pushed Authorization Requests, or PAR, move sensitive payment parameters out of front-channel browser URLs and through backend pipelines. - Rich Authorization Requests, or RAR, allow structured payment context such as currency codes, merchant IDs and exact values to be included in the secure identity stream. - The orchestration layer uses server-side scripting to evaluate live user context against external fraud-scoring databases. - The flow can trigger biometric Passkeys or out-of-band mobile push notifications. - LoginRadius said the framework is fully available today inside the Identity Orchestration canvas. - Administrators can build, test and enforce transaction topologies in the LoginRadius Admin Console without disrupting active applications. - The company said the launch can help enforce the automatic chargeback liability shift from merchants to card-issuing institutions. - The company also said the launch can eliminate compliance penalties tied to PSD2 failures. - The release includes a demo booking option and a full Product Sheet linked from the announcement: book a demo and download the full Product Sheet.

Between the lines: - LoginRadius is leaning into a broader industry shift toward passkeys, server-side orchestration and more structured authorization data. - The pitch is not just about meeting a regulation. It is about reducing the tradeoff between security and checkout completion. - By emphasizing backend controls, LoginRadius is trying to move fraud prevention away from exposed browser-based flows.

What's next: - Enterprises can begin building and testing custom SCA workflows immediately. - LoginRadius is offering technical deep-dive demonstrations for organizations evaluating PSD2-compliant transaction flows. - Wider adoption will likely depend on how easily banks and commerce platforms can plug the engine into existing authentication and payment stacks.

The bottom line: - LoginRadius is packaging PSD2 authentication as an orchestration problem, not just a security checkbox, with the goal of lowering fraud without adding checkout friction.