Cost-efficient security without a hassle
The PSD2 regulation is the second Payment Services Directive. It seeks to make payment services more secure, boost innovation and help banking services adopt new technologies.
The new standards include two key security requirements for mobile applications: monitoring mechanisms for malware, and security measures to mitigate risks for mobile users.
In our whitepaper, we present the key challenges and recommendations to achieve PSD2 compliance.
What is PSD2?
PSD2 is the second Payment Services Directive, designed by the countries of the European Union. The Payment Services Directive 2 (PSD2) legislation requires payment service providers (PSPs) to contribute to a more integrated, secure and efficient payments ecosystem.
Two major changes for banking and finance forced by PSD2
PSD2 forces two major changes on the payment industry:
- Mandates stronger security requirements for online transactions through multi-factor authentication.
- Forces banks and other financial institutions to give third-party payment service providers access to consumer bank accounts if account holders have given their consent.
PSD2 mobile requirements
The most important requirements related to mobile app security are set out in Article 9 of the final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC).
PSD2 came into force in September 2019 and applies to all payment services within the EU and the EEA. For mobile banking apps, the security requirements set out in PSD2 point to a need for protection against known and unknown attacks against mobile apps.