|
|
Payment Services Directive (PSD2) entered into force in the European Union on 12 January 2016 and will apply as of 13 January 2018. The PSD2 has conferred 11 mandates on the European Banking Authority (EBA), one of which relates to the development, in close cooperation with the European Central Bank (ECB), of draft Regulatory Technical Standards (RTS) on strong customer authentication and secure and common communications (Article 98 of the PSD2).
In order to receive early input into this work, the EBA published a Discussion Paper in December 2015, which received 118 responses. The resulting RTS set out a harmonised framework aimed at ensuring an appropriate level of security for consumers, as well as Payment Service Providers (PSP). The RTS propose the adoption of effective and risk-based requirements, which will secure and maintain fair competition among all PSPs, and allow for the development of user-friendly, accessible and innovative means of payment.
The requirements cover strengthened customer authentication, enhanced protection of user's security credentials and common and secure open standards for communications between the various types of providers in the payments sector.
Responses to this consultation paper can be sent to the EBA by 12 October 2016. A public hearing will take place at the EBA premises on Friday 23 September 2016, from 14.00 to 17.00 UK time.