The EBA published a Discussion Paper on strong customer authentication and secure communication. The revised PSD2 will mandate the EBA to deliver Regulatory Technical Standards on this topic, which the EBA is required to deliver by January 2017.
The revised Payment Services Directive (PSD2) is expected to enter into force in January 2016 and to apply from January 2018. The Directive will confer on the European Banking Authority (EBA) the development of six technical standards and five sets of guidelines. The regulatory technical standards (RTS) on strong customer authentication and secure communication is key to achieving the objective of the PSD2 of enhancing consumer protection, promoting innovation and improving the security of payment services across the European Union.
The RTS, which the EBA will be developing in close cooperation with the European Central Bank (ECB), will specify the requirements of the strong customer authentication; exemptions from the application of these requirements; requirements to protect the user's security credentials; requirements for common and secure open standards of communication; and security measures between the various types of providers in the payments sector.
In so doing, the EBA and ECB will have to make difficult trade-offs between competing demands and would like to hear views from market participants on where the ideal balance should lie. The EBA and ECB have also identified various issues and suggest some clarifications that would similarly benefit from stakeholder feedback.
Responses to this Discussion Paper can be sent to the EBA until 8 February 2016.
Press release
Discussion paper
© EBA
Key
Hover over the blue highlighted
text to view the acronym meaning
Hover
over these icons for more information
Comments:
No Comments for this Article