SCA (Strong Customer Authentication) is a European regulatory requirement to reduce fraud and make online payments more secure.
SCA requires authentication to use at least two of the following three elements:
something the customer knows (e.g., password or PIN)
something the customer has (e.g., phone or hardware token or OTP)
something the customer is (e.g., fingerprint or face recognition).