STRONG CUSTOMER AUTHENTIFICATION WHEN PROVIDING A PAYMENT SERVICE
DOI:
https://doi.org/10.17770/iss2021.6909Keywords:
Payment Services, PSD2, Strong Customer AuthenticationAbstract
Strong customer authentication in the Second Payment Service Directive means customer authentication where customer shall use two or more of the following elements: knowledge (what only the user knows), possession (what only is in the user’s possession) and inherence (user-specific). The purpose of the strong customer authentication is to make payment services more secure and to protect costumer’s personal data. It is mandatory to use at least two of three elements: elements: knowledge, such as password, numeric code, pet name, etc., possession, such as a mobile phone, and inherence, such as a fingerprint. The aim of the article is to find out what is secure customer authentication, what it contains and in which cases secure user authentication does not apply.Downloads
References
Ar ko Eiropas Parlamenta un Padomes Direktīvu (ES) 2015/2366 papildina attiecībā uz regulatīvajiem tehniskajiem standartiem par drošu lietotāja autentificēšanu un vienotiem un drošiem atklātiem saziņas standartiem (27.11.2017). Eiropas Savienības Komisijas deleģētā regula (ES) 2018/389, red. uz 22.04.2021. https://eur-lex.europa.eu/legal-content/LV/TXT/?uri=CELEX%3A32018R0389, sk. 22.04.2021.
Par maksājumu pakalpojumiem iekšējā tirgū, ar ko groza Direktīvas 2002/65/EK, 2009/110/EK un 2013/36/ES un Regulu (ES) Nr. 1093/2010 un atceļ Direktīvu 2007/64/EK (25.11.2015). Eiropas Parlamenta un Padomes direktīva (ES) 2015/2366, red. uz 22.04.2021. https://eur-lex.europa.eu/legal-content/lv/TXT/?uri=CELEX%3A32015L2366, sk. 22.04.2021.
Eiropas Komisija (24.07.2013). Priekšlikums Eiropas Parlamenta un Padomes Direktīva par maksājumu pakalpojumiem iekšējā tirgū, ar ko groza Direktīvas 2002/65/EK, 2013/36/ES un 2009/110/EK un atceļ Direktīvu 2007/64/EK https://eur-lex.europa.eu/legal-content/LV/TXT/?uri=CELEX:52013PC0547, sk. 22.04.2021.
European Banking Authority (12.08.2016). Consultation Paper On the draft Regulatory Technical Standards specifying the requirements on strong customer authentication and common and secure communication under PSD2. Retrieved 22.04.2021 from: https://www.eba.europa.eu/sites/default/documents/files/ documents/10180/1548183/679054cf-474d-443c-9ca6-c60d56246bd1/Consultation%20Paper%20on%20 draft%20RTS%20on%20SCA%20and%20CSC%20%28EBA-CP-2016-11%29.pdf
European Banking Authority (21.06.2019). Opinion of the European Banking Authority on the elements of strong customer authentication under PSD2. Retrieved 22.04.2021 from: https://www.eba.europa.eu/sites/ default/documents/files/documents/10180/2622242/4bf4e536-69a5-44a5-a685-de42e292ef78/ EBA%20Opinion%20on%20SCA%20elements%20under%20PSD2%20.pdf
