A soft decline can be caused by many factors, and is usually influenced by the issuer's risk assessment logic.
However, it mostly occurs when the issuer indicates Strong Customer Authentication (SCA) must take place to verify the consumer's identity before the transaction request can be authorised.
Soft declines can be retried - the retry will require additional authentication (such as mandating a challenge).
SCA requires authentication to use at least two of the following three aspects:
- Something the consumer knows.
- For example, password or PIN.
- Something the consumer has.
- For example, phone or hardware token.
- Something the consumer is.
- For example, fingerprint or face recognition.