March 26, 2017
As we speedily approach 2018, the deadline looms for countries in the EU to implement the EBA’s PSD2 strong customer authentication requirements. Banks, payment providers and merchants are in a heated discussion on which proposals will help or hinder their business.
The EBA has recognized that indiscriminate authentication negatively impacts the user experience as well as the adoption rate of mobile wallets. In response, it has recommended a risk-based approach to authentication and has eliminated the necessity for strong customer authentication for payments up to €30. Payments between €30 and €500 will be subject to meeting fraud thresholds set by the EBA. This will create different risk profiles that will need to be managed by the issuers.
While we applaud the EBA’s new recommendations, we feel that the ...