Follow Us

Follow us on Twitter  Follow us on LinkedIn

12 August 2016

EBA consults on strong customer authentication and secure communications under PSD2

Default: Change to:

EBA’s consultation paper on draft technical standards will ensure appropriate levels of security, while at the same time maintaining fair competition between all payment service providers and allowing for the development of user-friendly, accessible and innovative means of payment.

Payment Services Directive (PSD2) entered into force in the European Union on 12 January 2016 and will apply as of 13 January 2018. The PSD2 has conferred 11 mandates on the European Banking Authority (EBA), one of which relates to the development, in close cooperation with the European Central Bank (ECB), of draft Regulatory Technical Standards (RTS) on strong customer authentication and secure and common communications (Article 98 of the PSD2).

In order to receive early input into this work, the EBA published a Discussion Paper in December 2015, which received 118 responses. The resulting RTS set out a harmonised framework aimed at ensuring an appropriate level of security for consumers, as well as Payment Service Providers (PSP). The RTS propose the adoption of effective and risk-based requirements, which will secure and maintain fair competition among all PSPs, and allow for the development of user-friendly, accessible and innovative means of payment.

The requirements cover strengthened customer authentication, enhanced protection of user's security credentials and common and secure open standards for communications between the various types of providers in the payments sector.

Responses to this consultation paper can be sent to the EBA by 12 October 2016. A public hearing will take place at the EBA premises on Friday 23 September 2016, from 14.00 to 17.00 UK time.

Press release

Consultation paper


< Next Previous >
 Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information

Add new comment