Guides and checklists

PSD2 compliant with app shielding

How app shielding supports applications to meet the PSD2 regulation.

Cost-efficient security without a hassle

With exponential growth in the usage of payment services on mobile applications, cybercriminals are now targeting payment services more aggressively than ever before. The PSD2 regulation is the second Payment Services Directive and seeks to make payments services more secure, boost innovation and help banking services to adopt new technologies.  

The new standards include two key security requirements on mobile applications: Monitoring mechanisms for malware, and security measures to mitigate risks for mobile users.

We have created a white paper where key challenges and recommendations for how to get PSD2 compliant are presented.

What is PSD2?

PSD2 is the second Payment Services Directive, designed by the countries of the European Union. The Payment Services Directive 2 (PSD2) legislation requires payment service providers (PSPs) to contribute to a more integrated, secure and efficient payments ecosystem.

Two major changes for banking and finance forced by PSD2
The PSD2 force two major changes for the payment industry

  1. Mandates stronger security requirements for online transactions through mulit-factor authentication.
  2. Forces banks and other financial institutions to give third-party payment services providers access to consumer bank accounts if account holders has given their consent.

PSD2 mobile requirements

The most important requirements related to mobile app security are present in the Article 9 of the final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC).

PSD2 came into force in september 2019 and it applies to all payment services within the EU and the EEA. For mobile banking apps, the security requirements set out in PSD2 point to a need for protection against known and unknown attacks against mobile apps.