techUK

EBA outlines changes to strong customer authentication

A speech from the EBA chairperson has given some details on the final changes to the RTS for PSD2.

The European Banking Authority (EBA) has announced that, following a highly controversial consultation, it will relax the requirements for strong customer authentication (SCA) under the PSD2.

In a recent speech, Andrea Enria, the Chairperson of the European Banking Authority, described planned changes to its draft Regulatory Technical Standards (RTS) on how online payments should operate under the PSD2. The final version of the RTS is expected to be released in a few days along with a 100-page list of all comments raised in the consultation and the EBA's response.

The PSD2 gave the EBA the task of determining the balance between security of online payments and ease of use for the consumer by imposing requirements on when strong customer authentication must be used - i.e. when, for example, customers will have to enter additional information (such as a PIN number or a Verified by Visa-type passcode) to authenticate themselves when they make a payment. It is key to note that the RTS will have direct effect in national law – i.e. there will be no implementation law at national level: the requirements will apply in the UK as they are written by the EBA.

The main changes to the draft RTS announced by Mr Enria are as follows:

  • There will be two new exemptions: (i) when 'transaction risk analysis' is used - the automated tracking of a consumer's habitual types of payment - and (ii) for unattended terminals (such as transport or parking). This will be reviewed, to check it is sufficiently secure, 18 months after the RTS come into force.
  • The threshold past which SCA must be used is increased from €10 to €30.
  • The practice of 'screen scraping' (also called 'direct access') will be banned once the RTS come into force.
  • Banks will be required to provide a dedicated interface for TPPs to access customer information which has the same level of availability and performance as the interface customers use to access their own online banking.

The final RTS have to be approved by the European Commission and the European Parliament, and the Commission has been heavily involved in the changes now announced. If, however, the Parliament were still not satisfied, it is possible for them to reject (but not amend) the standards and send them back to the EBA for further revision.

The full version of Mr Enria's speech is here.

techUK is planning a seminar to discuss the detail soon after the final RTS are released – keep an eye out on the website for further details.

 

Channel website: http://www.techuk.org/
