ECB Consultation announcement: Recommendations for the security of internet payments

20 April 2012

On 11 April 2012, the Governing Council of the European Central Bank (ECB) endorsed for public consultation the "Recommendations for the security of internet payments", in the context of the work undertaken by the European Forum on the Security of Retail Payments.

The harmonised, minimum security recommendations are expected to contribute to fighting payment fraud and enhancing consumer trust in such services. They include key considerations and best practices and are applicable to all payment service providers (PSPs), as defined in the Payment Services Directive, that provide internet payment services, such as:

• the execution of card payments on the internet, including virtual card payments, as well as the registration of card payment data for use in wallet solutions; and
• the execution of credit transfers on the internet, or direct debit electronic mandates initiated in relation to the payer’s account, where the payer authorises its PSP over the internet using web-based technology.

Owing to the specific nature of card payments, a number of the recommendations are addressed to PSPs offering acquiring and/or issuing services, as well as to governance authorities of card payment schemes. Moreover, other market participants, such as e-merchants, are encouraged to adopt some of the best practices.

Implementation of the recommendations will be based on the existing legal framework. The authorities represented in the Forum are committed to supporting implementation in their respective jurisdictions and will strive to ensure consistency across countries.

All interested parties are invited to comment on the draft “Recommendations for the security of internet payments” by 20 June, 2012.

Press release

Full Recommendation

© ECB - European Central Bank