April 25, 2017
The European Banking Authority (EBA) has published its ‘final’ draft Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and secure communication under PSD2. PSD2 and, particularly, the SCA aspect has the potential to dramatically change not just the payments sector but the wider banking market and has been the subject of heated discussions and aggressive lobbying.
The market has therefore been waiting with bated breath to view and digest the finalized standards. The final RTS provides clarity on a number of ambiguities contained in the draft version and covers a great deal of ground. However, like a Christopher Nolan movie, it still leaves you hanging with unanswered questions at the end.
With the document standing at more than 150 pages, it can be difficult to identify the major points and key changes from the draft version. To help, here’s a distillation of the paper, covering 10 points we believe the market needs to heed: