June 21, 2019
The European Banking Authority said it has agreed to a limited extension on the Sept. 14th deadline for compliance with Strong Customer Authentication under the PSD2 Payment Service Directive, which will increase authentication requirements for digital transactions, according to a release from the body.
The PSD2 requires starting on that date, electronic payments need to use two of three elements in order to make sure the authorized user is making the purchase. These include something the customer knows, like a password or PIN code, something a customer has, like a phone or hardware token and something a customer is, for example using a fingerprint or facial recognition.
EBA said that while it believes enough time has passed since the 2015 original notification and that it cannot legally delay the deadline anymore, it acknowledges that some legitimate concerns remain about readiness, partcularly among non payment service providers.
The EBA said it will agree on a limited basis to work with some PSPs as well as some merchant and consumers, however the must meet some additional guidelines, including offer a migration plan to come into compliance. Future deadlines will be announced later this year.
Topics: Mobile Payments, POS, Region: EMEA, Regulatory Issues
Sponsored Links: