The regulatory language around dynamic linking of authentication codes in remote payments seems to imply that the authentication code must be generated in response to payment creation, but a Q&A clarifies that the authentication code may be created at any stage before the final authorization of the payment transaction by the user.
We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Whenever a payment is initiated via consumer scan, such as a mobile app scanning a QR code, the payment is considered "remote" according to PSD2 even when the consumer is physically at the merchant's location which is considered a "card present" context for card payments. As a result, certain regulatory considerations come into play, such as dynamic linkin of authorization codes.
1