The EPC made publicly available the response to the European Banking Authority on draft RTS on strong customer authentication and common and secure communication under the revised Payment Services Directive (PSD2).
These RTS are aimed at ensuring an adequate level of security for both customers and Payment Service Providers (PSPs), in the context of online access to payment accounts, initiation of electronic payments and the involvement of so-called third party providers in these services, including access to the customers’ payment accounts. This should be achieved by strengthening the customer authentication and increasing the protection of sensitive payment data, as well as improving the communication between the different PSPs.
Among the key aspects of its response, the EPC stressed that the principles put forward by the EBA should be technology-neutral and future proof.
The EPC also suggested that the exemption to the application of strong customer authentication solutions should not only be applicable to contactless payments, but also to contact card-based transactions in high-speed environments (such as toll ways, parkings, vending machines…).
In addition, the EPC proposes that the exemptions to the implementation of strong customer authentication solutions should remain optional. More concretely, the EPC is of the opinion that a PSP should have the possibility to apply strong customer authentication solutions when there is a risk of payment fraud or other abuses.
Press release
Response
© EPC
Key
Hover over the blue highlighted
text to view the acronym meaning
Hover
over these icons for more information
Comments:
No Comments for this Article