23.09.2019 07:51 am
The date is important, because it is the deadline, incorporated in the revised Payments Services Directive (PSD2) of the European Union (EU) for the introduction of Strong Customer Authentication (SCA).
With few exceptions, SCA applies to payment services providers (PSPs) when they are carrying out remote electronic transactions. SCA is defined in PSD2 as an ‘authentication based on the use of two or more elements categorised as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is) that are independent, in that the breach of one does not compromise the reliability of the others, and is designed in such a way as to protect the confidentiality of the authentication data.’
Nearly three months ago, The European Banking Authority (EBA) published an opinion which recognised the challenges of putting SCA into practice by the deadline - and especially as it involves actors who are not PSPs*. The EBA’s opinion focuses on one aspect of a broader question - How can Open Banking be made easier for banks? This broader question runs through every one of the articles and interviews that are included in this edition of Financial IT.