xxxx is currently using the Checkout API for payment processing. With the upcoming Strong Customer Authentication (SCA) requirements officially taking effect on 14 September 2019, xxxx will need to migrate to the new API.
Although we anticipate a phased and fragmented enforcement of SCA across Europe, we are encouraging merchants to comply prior to the effective date. As an example, earlier this month, the UK regulator granted an 18 month phase-in period to give banks and businesses more time to prepare for these new requirements.
After September 14, 2019, our APIs will trigger authentication if required by the cardholder’s bank.
If we are not selling to customers outside of the United States, does this affect us? What happens to apps that are not using the new API? The issue for us is that we are using an older version of the mobile-buy-sdk-ios at the moment.
If you're not selling to the EU, you'll be ok without action, though the efforts happening in the EU with SCA is generally a good security process.
I'd definitely recommend staying on the latest version of any of our APIs or SDKs in general. I'd also recommend reading up on this change if you ever plan on expanding to the EU (or just to keep yourself in the loop on the payment industry). Check out our blog post about the changes if you haven't already.