A blog post in Finextra contemplates how the requirements of PSD2 in the EU will work in combination with the updated requirements of 3D secure 2.0. PSD2 requires that payments use strong authentication methods:
PSD2 is a substantial overhaul of existing regulations for the payments industry.
It aims to increase competition within the payments industry, bring into scope new types of payment services, enhance customer protection and security, and extend the reach of the Payment Services Directive.
(PSD2) Promotes SCA (Strong Customer Authentication) by providing clarity on the use of emerging payment methods such as mobile payments, biometrics payments, 2FA (Two Factor Authentication), and OTPs (One Time Passwords)
The author suggests that 3DS 2.0 is a part of creating more secure online transactions and is compatible with the requirements of PSD2:
Many are wondering how the introduction of PSD2 has and will continue to affect 3DS 2.0 (3D-Secure 2.0), the updated protocol which ensures safe and secure online transactions. First, let’s quickly recap 3DS 2.0.
3D-Secure 2.0 aims to facilitate ‘frictionless shopping’ which incorporates the ease and speed of ‘old school’ transactions with the security of 3D-Secure by offering multi-factor authentication which, once set up, means transactions (even card-not-present transactions) are simple and straightforward for consumers.
What is not addressed is how SCA would be applied to Payment Initiation Service Providers (PISPs). These organizations provide opportunities to make purchases directly from consumers’ checking accounts. 3DS intentionally works within the card payment environment only, suggesting that multiple forms of SCA will be needed based on payment type.
Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group
Read the full story here