[Direct Access] CIC / Crédit Mutuel - Systematic SCA

Incident Report for Direct Access Providers

Update

Current behavior : your users must validate the SCA during each synchronization

Posted Feb 20, 2025 - 12:13 CET

Update

Automatic account synchronization is suspended. To validate sthe SCA, your users must initiate a manual synchronization.

Some users may also have difficulty validating SCA. We are trying to find a solution to this problem

Posted Nov 26, 2024 - 15:47 CET

Identified

We have detected an issue on CIC/CM accounts. Indeed, since the end of 2023, the CIC and Crédit Mutuel banks have gradually updated their methods of connecting to customer area on the web interface.
You can find more information via the article on the Crédit Mutuel website : https://www.creditmutuel.fr/fr/particuliers/informations/authentification-forte-dsp2.html#:~:text=De%20quoi%20s%27agit%2Dil,code%20de%20s%C3%A9curit%C3%A9%20Confirmation%20Mobile.

This security measure impacts the synchronizations with these connectors (only on savings/loan accounts) : validation of the connection by mobile confirmation is systematically requested.

Currently we can't bypass this protocol, the users have to validate the Strong Customer Authentication (SCA) during each connection.

We contacted the technical services of the banks and we will keep you informed of any changes about this incident.

Posted May 21, 2024 - 11:28 CEST

This incident affects: France (CIC, Crédit Mutuel).