CAPS Report on Authentication and Mobile Payments to aid Implementation of PSD2

February 20, 2018

Blog

With PSD2’s Regulatory Technical Standards now published, the broader financial ecosystem is moving closer towards full-scale implementation of the EU’s revised payment services directive. Designed to add greater security to payments and stimulate commerce, PSD2 enables third party financial services to provide solutions without necessarily involving the current payment schemes.

The directive will enable payers to “push” payments directly through a bank transfer from their bank account to payees by enabling them to use third party Payment Service Providers (PSPs) to do so. Furthermore, customers will have the opportunity to consent to third party PSP products that access and utilise customers’ transactional data, such as budgeting services. To ensure security of payment transactions, PSD2 mandates multi-factor authentication for payment service providers (PSPs).

While these changes to the financial market are likely to stoke the demand for identity services, the broader PSD2 ecosystem will need to provide guidance on how the EU Directive can be interpreted and implemented. Organisations such as Convenient Access to PSD2 Services(CAPS) can play a role in helping to provide a common approach by acting as forum for the proposal of solutions to the technical, business and operational issues faced by potential PSD2 stakeholders across Europe. CAPS’ ‘Mobile Strong Customer Authentication Under PSD2: Comparisons and Considerations’, provides the framework for a common approach to strong customer authentication (SCA) in remote payment transactions, based on mobile devices.

In the wake of rising digital transactions and the high levels of fraud accompanying them, multi-factor authentication is increasingly regarded as the baseline for payment security, typically requiring payers to verify something they possess (such as a mobile phone) and something they know (such as a PIN) or something specific to who they are (such as a fingerprint).

PSPs and financial services without multi-factor authentication covering their entire customer base now face the task of developing or sourcing a multi-factor authentication service. With the new guidelines of the Regulatory Technical Standards leaving only an 18-month period from now until mandatory compliance, we can expect a spike in the demand for authentication products.

Mobile Connect, the identity solution developed by the mobile industry, is one such PSD2-compliant product. Designed for a range of sectors, Mobile Connect is supported by more than 60 mobile network operators in over 30 countries, thereby offering PSPs secure authentication on a global scale.

As well as serving existing PSPs and financial solutions making the transition to multi-factor authentication, Mobile Connect could also play a role in supporting new entrants to the market following PSD2’s broadening of the definition of ‘payment service provider’.

Read the full report

Back

Presentation: Identity Hangout Delivering Identity Services The first Identity Hangout: Delivering Identity Services on 5 December explored the value and commercial scalability of mobile-based identity services. The online event was targ...

Read more | See all Identity Resources

Presentations from M360 Series – Russia & CIS The 2018 GSMA Mobile 360 Series – Russia & CIS was a regionally-focused event drawing on global case studies for senior-level leaders from government & regulatory bodi...

Read more | See all Identity Resources

Presentations: Delivering Commercial Success Through Identity Services The GSMA Identity recently partnered with Turkcell to co-host an event in Istanbul which explored Turkey’s journey towards becoming the first Mobile Connect commercially su...

Read more | See all Identity Resources

Mobile Connect Workshop Presentations at MWCA Identity Seminar The seminar Mobile Connect Seminar: Reducing Fraud through Secure Authentication and ID Verification Services, brought together h wider mobile ecosystem aiming to prevent fraud b...

Read more | See all Identity Resources

Mobile Connect Workshop Presentation at Mobile 360 Digital Societies i The Mobile Connect workshop: Delivering commercial success through identity services attendees had the opportunity to learn the value and commercial scalability of mobile-based ...

Read more | See all Identity Resources

Distributed Ledger Technology, Blockchains and Identity: A Regulatory This paper provides an overview of the relevant regulations for the use of distributed ledger technologies (DLT) and blockchains for digital identity. Digital identity is the bas...

Read more | See all Identity Resources

News Flash: Microsoft Explores Eliminating “Inverse Privacy” Reports claim software giant is seeking to increase users’ control over personal data Microsoft is working on giving people greater insights into the private data collected abo...

Read more | Visit Identity Blog

News Flash: Identity Fraud “at a Tipping Point” Symposium speakers highlight hackers’ ability to easily create synthetic identities The vast amount of personally identifiable information available on the Internet is making i...

Read more | Visit Identity Blog

News Flash: Digital Identity to Change Direction In 2019, there will be a shift from trying to digitise identity to creating digital identities underpinned by relationships, according to David Birch, a leading financial service...

Read more | Visit Identity Blog

News Flash: Taiwan Targets 2020 for Digital ID Government says digital ID cards will enable online access to 80% of public services The government of Taiwan is planning to roll out a digital identification system in 2020, acc...

Read more | Visit Identity Blog

Top 3 Digital Identity Trends for 2019: the Curtain Closes for the Hum   2019 will see the consolidation of multi-factor authentication As users have grown increasingly weary of creating endless online profiles (86% report abandoning purchases ...

Read more | Visit Identity Blog

Mobile Connect Allows the Mobile Industry to Make any Digital Business Kaan Terzioğlu, Turkcell CEO Throughout my career I have, in one way or another – as a consultant, a vendor, and now as CEO at Turkcell – been in prime position to observe t...

Read more | Visit Identity Blog

Mobile Connect + FIDO Alliance: the Future of Strong Authentication January 21, 2019 GSMA and FIDO Alliance are pleased to jointly present a “Future of Strong Authentication” seminar in London on January 21, from 13.00-1700 at GSMA’s headquarters, with brie...

Read more | See all Identity Events

Identity at MWC19 Barcelona February 25, 2019 Discover the latest innovations, market developments and business strategies in digital identity at MWC19 Barcelona. More details to follow. Register for MWC19 Barcelona...

Read more | See all Identity Events

MWC19 Seminar – Mobile Connect: The Rise of Digital Identity February 25, 2019 This seminar will focus on the consolidation and growth of Mobile Connect as a successful identity service offered by the mobile operators around the globe. The seminar will c...

Read more | See all Identity Events

MWC19 Seminar – The Future of Digital Identity: From Revolutiona February 26, 2019 It’s been a tempestuous year in digital identity with major breaches hitting the press on an almost weekly basis. This seminar will look at some of the latest research in use...

Read more | See all Identity Events

Identity Hangout March 20, 2019 Join the second Identity Hangout to hear what’s new on the identity space. The GSMA Identity team will be joined by an expert to talk about this as well as discussing the r...

Read more | See all Identity Events

Contact GSMA Legal Email Preference Centre Copyright © 2019 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.