In September 2019, the second Payment Services Directive (PSD2), specifically the requirement for Strong Customer Authentication (SCA) for remote payments came into effect.
These requirements will impact the way consumers in Europe access their Internet banking applications, pay for e-commerce purchases, and use new financial services provided through Open Banking.
The starting point for any financial transaction must be to establish the identity of the parties involved. In person, a valid ID card may be sufficient and digitally, using a login and password is usually enough.
However, when interactions are happening remotely through multiple channels and multiple partners, there is often a need to use multiple factors of authentication e.g. a login and password plus a pin number.
PSD2 is increasing the security level for authentication to financial services across the whole of Europe, and is harmonizing the strength of authentication processes for financial applications. Because of PSD2, financial institutions have been phasing out weak authentication methods.
PSD2 ensures that advanced authentication concepts, such as dynamic linking, device binding for mobile apps, mobile application shielding and transaction risk analysis become standard security tools in financial services.
PSD2 is also accelerating the adoption of adaptive authentication methods, which adjust the way in which the user is authenticated to the risk of what the user wants to do.
Deadline for banks to implement SCA for Internet banking: 14 September 2019, except in the UK where the deadline is set as 14 March 2020
Deadline for banks to offer Open Banking interfaces: 14 September 2019
Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.