PSD2 - Improve user experience by evaluating risk and adapting security accordingly

Fraudsters and hackers are constantly challenging the security measures put in place by banks to protect sensitive business data.

In the meantime, consumers are using more and more new innovative services with a seamless experience and expect banks to find the right balance between the security level needed and reduced friction in the user journey.

Evaluating​ risk and adapting accordingly

The new European legislation, the revised Payment Service Directive (PSD2), requires that banks adopt security measures to the level of risk involved.

The result?

Payment service providers (PSPs) have the obligation to operate transaction and risk monitoring in order to assess, detect and prevent risks linked to payments and any access to account operations. 

• For those transactions identified as low risk, a payment service provider can bypass any strong customer authentication (SCA) requirements. 
• For those transactions that are deemed more high risk such as sudden changes in location or abnormal spending step-up authentication will be required. 

By evaluating risk and adapting accordingly, banks are able to offer a targeted approach that strikes the right balance between security and user convenience.

Smart fraud protection based on risk

Thales Gemalto IdCloud Fraud Prevention

Looking to provide robust security to your banking and financial services while still maintaining an optimal end-user experience?

The risk management services of our Gemalto IdCloud platform provide a groundbreaking approach to proactive fraud prevention in online banking​. The smart risk assessment enables banks to analyse online banking sessions in real-time, and select the most appropriate level of customer authentication for each individual transaction.

A risk based authentication (RBS) approach is the winning combination of security and convenience in the new digital and open banking ecosystem.

And our Gemalto  IdCloud Fraud Prevention is the perfect answer, with risk management services that meets the  PSD2/RTS requirements in risk assessment.

It helps banks to evaluate the actual risk of each transaction in order to only activate additional authentication measures when necessary.

Powered by machine learning, the profile and behaviour of customers are analysed in real-time across a range of attributes and signals including geolocation, device profiling, IP address, device assessment and behavioural biometrics.

Thanks to Gemalto  IdCloud, banks can define a granular authentication policy based on customer segmentation, customer preferences, use cases and their own parameters. 
 

More resources

PSD2 regulation
The new PSD2 directive is a fundamental piece of payment legislation in Europe. Learn how to get ready with Thales.
Read more

Strong Customer Authentication
Strong Customer Authentication, as defined in PSD2, means that transactions are authenticated using 2‑factor authentication or more.
Read more

Innovate with Open Banking API
By working more closely with third-party actors, financial institutions can better prepare themselves for the market changes and proactively identify areas of research and development.
Read more

Risk management and fraud prevention for an optimised digital banking experience
Add risk management to enhance onboarding and access to your digital banking services, in compliance with PSD2.
Read more