PSD2 And Open Banking
Providing your customers with trusted identities
In this environment, becoming an Account Information Service Provider (AISP) or Payment Initiation Service Provider (PISP) is vital, because owning customer relationships is the new path to profitability. The key is being first to provide the trusted identities customers need to conduct secure transactions. Our Authentication platform makes it easy to provide those trusted identities.
Time to choose your place in the open banking ecosystem
Banks looking to capitalize on PSD2 and open banking must decide how to position themselves in the market. These are three of the options. Each requires trusted identity:
Option 1: Become a banking utility
Focus on providing liquidity, credit card services, and infrastructure. Most services would not be offered through third parties who own the customer relationship. Requires only basic PSD2 compliance.
Option 2: Partnership model
Develop an advanced API model that allows you to directly provide selected services to consumers—and offer others through third-party partnerships. This requires compliance, plus monetized access to selected customer data.
Option 3: Comprehensive offering
Offer consumers a full range of financial services under your brand. This may require some private labeling of third-party offerings. But you can clearly own the consumer relationship. This requires compliance, open APIs and development or reselling of a broad portfolio of services.
How to Capitalize on PSD2
Strong Customer Authentication (SCA)
A Foundation for PSD2 Compliance
A key PSD2 requirement is Strong Customer Authentication (SCA). Because usernames and passwords don't provide sufficient security, the new directive calls for two-factor authentication for all electronic transactions. Our authentication solutions help you enable your PSD2 requirements – and they ensure a transparent and frictionless user experience.
Below are the key elements required to create strong customer authentication.
Two-Factor Authentication (2FA)
The use of two independent authentication methods is mandated. If one of the methods involves a smartphone or other mobile device, security measures are required to ensure that the device being used has not been compromised. Entrust offers the widest range of authenticators, so you can offer your customers the one that works best for them.
Transaction Monitoring & Fraud Protection
PSD2 mentions the need for transaction monitoring software that analyzes risk as transactions are taking place. Our solutions enable fraud prevention tools with adaptive capabilities. Factors such as payment amounts, known fraud scenarios, payer/payee locations and device reputation are used to allow, challenge or stop transactions.
Dynamic Linking
Hackers have learned to insert themselves into the middle of legitimate electronic transactions after they’ve been initiated — which has created the need for dynamic linking. Entrust solutions link authentication codes to specific transaction amounts and payees. If either the amount or the payee changes during a transaction, a new code is issued. Our solution — which can feature OTP codes, mobile push notifications or other authenticators — also provides highly secure transactions.
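The dynamic linking described above, as an added example (not Entrust's implementation): the authentication code is a MAC over the amount, payee and a per-transaction nonce, so a code issued for one transaction fails verification if either field changes. The HMAC-SHA256 construction, the 8-digit truncation, the key, the nonce and the account identifiers are all assumptions made for this sketch.

```python
import hashlib
import hmac
from decimal import Decimal

def canonical(amount: str, currency: str, payee: str, nonce: bytes) -> bytes:
    """Encode the bound fields unambiguously before they are MACed."""
    amt = format(Decimal(amount).quantize(Decimal("0.01")), "f")  # "10.5" -> "10.50"
    acct = payee.replace(" ", "").upper()                         # ignore display spacing
    fields = [amt.encode(), currency.upper().encode(), acct.encode(), nonce]
    # Length-prefix every field so adjacent values cannot be shifted into each other.
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

def auth_code(key: bytes, amount: str, currency: str, payee: str,
              nonce: bytes, digits: int = 8) -> str:
    """Code tied to this amount and payee (assumed scheme: truncated HMAC-SHA256)."""
    mac = hmac.new(key, canonical(amount, currency, payee, nonce), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**digits).zfill(digits)

def verify(key: bytes, code: str, amount: str, currency: str,
           payee: str, nonce: bytes) -> bool:
    """Recompute over the transaction about to be executed; compare in constant time."""
    expected = auth_code(key, amount, currency, payee, nonce)
    return hmac.compare_digest(expected, code)

# Constructed sample values, not real keys or accounts.
KEY = bytes(range(32))
NONCE = b"txn-0001-nonce"
PAYEE = "XX00 EXAM 0000 0000 0001"
OTHER_PAYEE = "XX00 EXAM 0000 0000 0002"

def demo() -> dict:
    code = auth_code(KEY, "10.50", "EUR", PAYEE, NONCE)
    return {
        "original": verify(KEY, code, "10.50", "EUR", PAYEE, NONCE),
        "same_txn_reformatted": verify(KEY, code, "10.5", "eur", PAYEE.replace(" ", ""), NONCE),
        "amount_changed": verify(KEY, code, "1050.00", "EUR", PAYEE, NONCE),
        "payee_changed": verify(KEY, code, "10.50", "EUR", OTHER_PAYEE, NONCE),
        "replayed_on_new_txn": verify(KEY, code, "10.50", "EUR", PAYEE, b"txn-0002-nonce"),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

The server must verify against the amount and payee it is about to execute, not against values echoed back by the client, otherwise the binding checks nothing.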
Runtime Application Self-Protection (RASP)
The proliferation of mobile payment apps creates new opportunities for hackers. RASP is a suggested protocol for detecting anomalous app behavior and blocking the app from executing any further operations. Our RASP solution hardens the mobile app code and allows it to defend itself at runtime. This safeguards against hacking and reverse engineering. Also, with our Entrust Identity Enterprise client-side software, the apps or SDKs act only on requests from the server. If a fraudulent entity tries to fool the app into signing a transaction, the transaction verification fails.
The Secure Communications (SC) Requirement
Another key PSD2 requirement is Secure Communication (SC). PSD2 Qualified Website Authentication Certificates (QWACs) form the highest level of authentication and will be required to secure the Open Banking APIs used for transferring private data when making a payment or transferring money. They are meant to bring greater transparency, accountability and authentication to users in the EU marketplace.
Our QWACs Secure Communication solution enables PSD2 compliance, while providing greater transparency, accountability, and authentication to users in the European Union marketplace.
Establish Trust for Secure Communications
PSD2 requirements expand upon existing verification requirements for third-party providers, requiring them to purchase specialty SSL/TLS certificates known as PSD2 QWACs. These certificates provide the highest level of assurance and the most robust foundation of trust available for securing sensitive transactions.
Encrypt Communications
Strong encryption coupled with high assurance provides third-party service providers and users a high degree of confidence when transferring sensitive data online. The PSD2 QWACs provided by Entrust use the RSA encryption algorithm, the SHA-2 hashing algorithm, and a minimum key size of 2048 bits — all of which meet or exceed the minimum requirements for encrypting online transactions.
Balancing PSD2 Data Sharing Requirements with GDPR Guidelines
These two critical initiatives seem to be at odds. PSD2 advocates for sharing customer data, while GDPR promises severe financial consequences for organizations that violate consumer data privacy regulations. While it seems there will be more direct guidance coming from governing bodies in the future, banks must — for the time being — balance both requirements using their best judgement. This means that banks should avoid a separate or siloed approach to their GDPR and PSD2 implementations. Approach them as a unified initiative and develop a single framework that simultaneously makes customer data available, yet protects that same data from being compromised by hackers. For help with this important balancing act, contact an Entrust trusted identity expert.
Identity Portfolio
Identity as a Service
High-assurance cloud-based workforce and consumer authentication. Credential-based access, including passwordless authentication with unified SSO.
Identity Enterprise
High-assurance workforce and consumer authentication. Credential-based authentication, including issuance of physical smart cards. On-premises solution.
Identity Essentials
Best-in-class MFA and VPN protection for Windows-based workforces.
Features of our identity platforms:
Authenticate
Authorize
Transact and Manage
An identity platform that meets your authentication needs
- Consumer
- Workforce
- Citizen
Consumer
Retail Banking
Attract and retain customers with best-in-class mobile and online banking services.
Customer Portals
Give your customers frictionless access to your portals and create a great brand experience.
CIAM Integration
Our platform integrates seamlessly with your CIAM (Customer Identity Access Management) strategies.
Meet PSD2 Regulations
Use our proven identity tools to succeed and stay compliant.
Workforce
Physical/Logical Access
Our platform provides the technologies needed to integrate secure physical and logical access.
Secure VPN
Give your employees constant access to VPNs and SaaS applications from anywhere.
Privileged Worker
Protect the critical application credentials of system administrators or senior executives.
Passwordless Login
Get a true passwordless SSO solution that supports all devices, PCs and Macs, and cloud and on-premises apps.
Contractors
Our solutions ensure application security for contractors using on-premises or cloud apps.
Enable PIV-Compliant Government Mobility
Proven PIV solutions make complexity a thing of the past and enable high-assurance mobility.
Citizen
Digital Citizen
Use our platform to secure and manage passports, national ID cards and driver's licenses.