It may not be top-of-mind given the coronavirus, but the deadline for PSD2 compliance is approaching.
The
As many know, open banking allows the networking of accounts and data across institutions for use by consumers, financial institutions and third-party service providers. As it relates to PSD2, all financial institutions must “open” their customer information and payment networks to PSPs and a relatively new, but related, industry, third-party payment providers (TPPs), which are expected to drive payment innovation and competition.
With advanced identity attacks on the rise it’s critical that the PSD2 directive and open banking mechanisms are supported by strong identification and authentication controls for both humans and machines so there is no chance of impersonation or fraud. This is why PSD2 requires digital eIDAS qualified authentication and non-repudiation certificates.
Organizations have been slow to ramp up their PSD2 preparedness and the coronavirus adds another layer of complexity.
On the one hand, the outbreak might further complicate the process as face-to-face or notarized validation is required for these types of certificates with limited alternative validation techniques available. On the other, the virus may accelerate the shift toward digital channels — yet another reason to ensure PSD2 compliance.
While currently a Europe-centric initiative, there has been talk of introducing open banking to the U.S. in the
It will be interesting to see how PSD2 rolls out next year throughout Europe. Financial institutions have had years to prepare for it, so hopefully it will be a fairly seamless process. Once in place, the technology measures should result in a significant reduction in fraud.
