People worldwide increasingly conduct their banking operations online from various devices, including computers, tablets, and mobile phones.
Innovative banking services are flourishing, providing more reliable, convenient, and straightforward solutions.
And yet, the growth of online and mobile payments has also been accompanied by a dramatic increase in online fraud.
Banking customers expect convenience but are not willing to trade away security in the process.
According to a Thales poll, 44% of those surveyed would switch banks if their current bank was breached. The onus on protecting personal customer information is clearly on the bank.
+44%
OF CONSUMERS WOULD SWITCH BANKS IF THEIR CURRENT BANK WERE BREACHED
PSD2 compliance: Authenticated transaction
Banks around Europe face the challenge of implementing the revised Payment Services Directive (PSD2) and, in practice, its related Regulatory Technical Standards (RTS).
Banks should provide a more robust framework to offer the added security that consumers are seeking. The new European regulation mandates Strong Customer Authentication (SCA) procedures for online banking services and initiating and processing electronic payments.
To read more information on strong customer authentication
Strong Customer Authentication, as defined in PSD2, means that transactions are authenticated using two or more of the following elements:
- Knowledge: something only the user knows (e.g., password, pin, ID number)
- Ownership: something only the user possesses (e.g., mobile device, token, smart card)
- Inherence: something only the user is (e.g., fingerprint, face, or voice recognition)
In the case of remote payments, PSD2 compliance also requires the creation of a dynamic link. This additional authentication element dynamically links the transaction amount and the payee's account number.
Thales Mobile Solutions
Are you looking to provide added security to your banking and financial services? Our Gemalto Mobile Protector delivers state-of-the-art security to the mobile channel for a seamless user experience.
The software suite easily integrates into any mobile financial app to support the full set of strong customer authentication factors, including biometric methods such as fingerprint and facial recognition.
There's more.
It shields your mobile banking app against attacks like key loggers, malware, reverse engineering application cloning, and phone theft.
The built-in messenger software also secures the mobile channel, the authentication elements, the transaction value, and the beneficiary.
Using it as an out-of-band authentication channel helps protect non-mobile transactions against attacks like phishing, man-in-the-middle, and man-in-the-browser.
Mobile security for PSD2/RTS
Considering the security requirements stated by PSD2 / RTS, our mobile solutions address all the needs expressed by EC and EBA and may help banks reach a high compliance level, especially:
- Having a secure storage environment separated from the processing environment
- Protecting data as confidential data are enciphered or not stored, Strong Customer Authentication is required to access them, and measures against data duplication exist.
- Securing communication thanks to ciphering, servers exchanging with mobile are authenticated, and a secure channel is provided and device binding.
Why Thales?
Financial institutions trust Thales to leverage the mobile channel to deliver secure and convenient digital banking services to their customers worldwide.
More than 100 banks already use the software suite worldwide to secure their financial services in mobile banking, mobile wallet and payments, online banking, eCommerce, card management, P2P money transfers, and cardless ATMs, to name a few.
Our comprehensive Strong Customer Authentication offer to secure digital banking access is also available as a service, as part of our Gemalto IdCloud platform.
More resources on PSD2 2-factor authentication
PSD2 regulation
The new PSD2 directive is a fundamental piece of payment legislation in Europe. Learn how to get ready with Thales.
Read more on PSD2
How to improve user experience?
By evaluating risk and adapting accordingly, banks can offer a targeted approach that balances security and user convenience.
Read more
Innovate with Open Banking API
Financial institutions can better prepare themselves for market changes by working more closely with third-party actors and proactively identifying research and development areas.
Read more on open banking.
Thales Gemalto Mobile Protector
Learn how biometric authentication is reshaping mobile banking
Read more
Strong customer authentication to secure access to digital banking.
We bring our Strong Customer Authentication (SCA) offer as a cloud-based managed service and deploy the same security and convenience for your digital services in a much faster, flexible, and cost-efficient manner.
Read more
Documents
Thales – The PSD2 expert company
PSD2 compliant solutions for your authentication needs
PSD2 compliant means for your authentication needsUnderstand PSD2 compliance and discover PSD2 solutions
Read our white papers to understand the latest implications of PSD2 for the banking and payment landscape in Europe.
Download the whitepapersGemalto Mobile Protector
Secure online transactions with your smartphone
Gemalto Mobile Protector [PDF - 641 kb]Thales Gemalto IdCloud for Access
Cloud based strong customer authentication and flexible risk management to secure access to digital banking services
Gemalto IdCloud for Access [PDF - 2 mb]