The makes publicly available the response it sent earlier this month to the European Banking Authority ( ), in the context of the two-month public consultation on draft Regulatory Technical Standards ( ) on strong customer authentication and common and secure communication under the revised Payment Services Directive ( ).
These are aimed at ensuring an adequate level of security for both customers and Payment Service Providers ( ), in the context of online access to payment accounts, initiation of electronic payments and the involvement of so-called third party providers in these services, including access to the customers’ payment accounts. This should be achieved by strengthening the customer authentication and increasing the protection of sensitive payment data, as well as improving the communication between the different .
Among the key aspects of its response, the stressed that the principles put forward by the should be technology-neutral and future proof. The also suggested that the exemption to the application of strong customer authentication solutions should not only be applicable to contactless payments, but also to contact card-based transactions in high-speed environments (such as toll ways, parkings, vending machines…). In addition, the proposes that the exemptions to the implementation of strong customer authentication solutions should remain optional. More concretely, the is of the opinion that a should have the possibility to apply strong customer authentication solutions when there is a risk of payment fraud or other abuses.
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.