(Cyber) Security for Payment Services Providers

One of the objectives of the European Union is to foster competition within its borders in order to e.g. create more choice for the consumers and reduce costs. To this end, the revised Directive on Payment Services (PSD2) allows many new, non-banks parties – third party payment services providers (TPPs or PSPs) – to enter the European payment market and access consumers’ sensitive data, with the aim to offer new, convenient and secure payment services leveraging on new technologies. This research analyses the regulatory technical standards of strong customer authentication (RTS on SCA&SC), issued by the European Banking Authority (EBA) in order for these new non-bank parties to ensure a pre-required level of (cyber) security. The immediate objective of the research is to address some of the missing or unclear cyber security related definitions in the RTS and provides recommendations about some of the missing or unclear cyber security requirements, in order to help PSPs and banks identify an appropriate trade-off. In the end, balancing security and convenience will prove key to one of the objectives of PSD2 – the adoption by all Europeans of a digital payment market to contribute to the broader adoption of the European digital single market, a second EU-objective –, as consumers will not embrace a solution too cumbersome nor will they accept a payment service they cannot trust.

 

Keywords: ASPSP, AISP, PISP, Authentication, Payments

 

READ PDF>

 

 

 

 

  • A de minimis rule for personal data breach notifications...
    Master CS/Machiel Bolhuis
    >
  • A de minimis rule fo...
    Master CS/Machiel Bolhuis
    >
  • A de minimis rule for personal data breach notifications...
    Master CS/Machiel Bolhuis
    >
  • A generic approach for detecting security anomalies in I...
    Master CS/Jaap Mooij
    >
  • A generic approach f...
    Master CS/Jaap Mooij
    >
  • A generic approach for detecting security anomalies in I...
    Master CS/Jaap Mooij
    >
  • A Process Model for Phishing Prevention
    Master CS/Paulo Ribeiro do Nascimento
    >
  • A Process Model for...
    Master CS/Paulo Ribeiro do Nascimento
    >
  • A Process Model for Phishing Prevention
    Master CS/Paulo Ribeiro do Nascimento
    >
  • An improved key distribution and updating mechanism for...
    Master CS/Marcel van Leent
    >
  • An improved key dist...
    Master CS/Marcel van Leent
    >
  • An improved key distribution and updating mechanism for...
    Master CS/Marcel van Leent
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Caring for Security
    Master CS/David Willems
    >
  • Cyber Confidence-Building Measures
    Master CS/Kraesten Arnold
    >
  • Cyber Confidence-Bui...
    Master CS/Kraesten Arnold
    >
  • Cyber Confidence-Building Measures
    Master CS/Kraesten Arnold
    >
  • Cyber Threat Intelligence
    Master CS/Daan Planqué
    >
  • Cyber Threat Intelli...
    Master CS/Daan Planqué
    >
  • Cyber Threat Intelligence
    Master CS/Daan Planqué
    >
  • Essence of Encryption
    Master CS/Jeroen Veen
    >
  • Essence of Encryptio...
    Master CS/Jeroen Veen
    >
  • Essence of Encryption
    Master CS/Jeroen Veen
    >
  • Guaranteeing authenticity and integrity in signalling ex...
    Master CS/Ewout Pronk
    >
  • Guaranteeing authent...
    Master CS/Ewout Pronk
    >
  • Guaranteeing authenticity and integrity in signalling ex...
    Master CS/Ewout Pronk
    >
  • How to bring HTTPS to the masses?
    Master CS/Maarten Aertsen
    >
  • How to bring HTTPS t...
    Master CS/Maarten Aertsen
    >
  • How to bring HTTPS to the masses?
    Master CS/Maarten Aertsen
    >
  • Multi actor roadmap to improve cyber security of consume...
    Master CS/Herbert Leenstra
    >
  • Multi actor roadmap...
    Master CS/Herbert Leenstra
    >
  • Multi actor roadmap to improve cyber security of consume...
    Master CS/Herbert Leenstra
    >
  • Payment Services Directive 2
    Master CS/Stephan Hellmann
    >
  • Payment Services Dir...
    Master CS/Stephan Hellmann
    >
  • Payment Services Directive 2
    Master CS/Stephan Hellmann
    >
  • Policy strategies for VPN for consumers in the Netherlan...
    Master CS/Nelly Ghaoui
    >
  • Policy strategies fo...
    Master CS/Nelly Ghaoui
    >
  • Policy strategies for VPN for consumers in the Netherlan...
    Master CS/Nelly Ghaoui
    >
  • SDN South-bound Interface Attack Mitigation
    Master CS/Lucio Jankok
    >
  • SDN South-bound Inte...
    Master CS/Lucio Jankok
    >
  • SDN South-bound Interface Attack Mitigation
    Master CS/Lucio Jankok
    >
  • Targeted attacks and the human vulnerability
    Master CS/Derk-Jan van Mourik
    >
  • Targeted attacks and...
    Master CS/Derk-Jan van Mourik
    >
  • Targeted attacks and the human vulnerability
    Master CS/Derk-Jan van Mourik
    >
  • The implementation of the Dutch Cabinet’s policy on data...
    Master CS/Carlo Koch
    >
  • The implementation o...
    Master CS/Carlo Koch
    >
  • The implementation of the Dutch Cabinet’s policy on data...
    Master CS/Carlo Koch
    >
  • The influence of Dark Web on border control
    Master CS/Edwin Noordzij
    >
  • The influence of Dar...
    Master CS/Edwin Noordzij
    >
  • The influence of Dark Web on border control
    Master CS/Edwin Noordzij
    >

This website uses cookies to ensure you get the best experience on our website. By continuing to browse the site, you are agreeing to our use of cookies.. More info

 

I AGREE