People worldwide are increasingly conducting their banking operations online from various devices, including computers, tablets, and mobile phones.
Innovative banking services are flourishing, providing more reliable, convenient, and straightforward solutions.
And yet, the growth of online and mobile payments has also been accompanied by a dramatic increase in online fraud.
Banking customers expect convenience but are not willing to trade away security in the process.
According to a Thales poll, 44% of those surveyed would switch banks if their current bank was breached. The onus on protecting personal customer information is clearly on the bank.
OF CONSUMERS WOULD SWITCH BANKS IF THEIR CURRENT BANK WERE BREACHED
PSD2 compliance: Strong customer authentication
Banks around Europe face the challenge of implementing the revised Payment Services Directive (PSD2) and, in practice, its related Regulatory Technical Standards (RTS).
Banks should provide a more robust framework to offer the added security that consumers are seeking. The new European regulation mandates Strong Customer Authentication (SCA) procedures for online banking services and initiating and processing electronic payments.
Strong Customer Authentication, as defined in PSD2, means that transactions are authenticated using two or more of the following elements:
- Knowledge: something only the user knows (e.g., password, pin, ID number)
- Ownership: something only the user possesses (e.g., mobile device, token, smart card)
- Inherence: something only the user is (e.g., fingerprint, face, or voice recognition)
In the case of remote payments, PSD2 compliance also requires the creation of a dynamic link. This additional authentication element dynamically links the transaction amount and the account number of the payee.
Thales Mobile Solutions
Are you looking to provide added security to your banking and financial services? Our Gemalto Mobile Protector delivers state-of-the-art security to the mobile channel for a seamless user experience.
The software suite easily integrates into any mobile financial app to support the full set of strong customer authentication factors, including biometric methods such as fingerprint and facial recognition.
It shields your mobile banking app against attacks like key loggers, malware, reverse engineering application cloning, and phone theft.
The built-in messenger software also secures the mobile channel, the authentication elements, the transaction value, and the beneficiary.
Using it as an out-of-band authentication channel helps protect non-mobile transactions against attacks like phishing, man-in-the-middle, and man-in-the-browser.
Mobile security for PSD2/RTS
Considering the security requirements stated by PSD2 / RTS, our mobile solutions address all the needs expressed by EC and EBA and may help banks to reach a high compliance level, especially:
- Having a secure storage environment separated from the processing environment
- Protecting data as confidential data are enciphered or not stored, Strong Customer Authentication is required to access them, and measures against data duplication exist.
- Securing communication thanks to ciphering, servers exchanging with mobile are authenticated and secure channel is provided and device binding.
Financial institutions trust Thales to leverage the mobile channel to deliver secure and convenient digital banking services to their customers all over the world.
More than 100 banks already use the software suite worldwide to secure their financial services in such areas as mobile banking, mobile wallet and payments, online banking, eCommerce, card management, P2P money transfers, and cardless ATMs, to name a few.
Our comprehensive Strong Customer Authentication offer to secure digital banking access is also available as a service, as part of our Gemalto IdCloud platform.
The new PSD2 directive is a fundamental piece of payment legislation in Europe. Learn how to get ready with Thales.
Read more on PSD2
How to improve user experience?
By evaluating risk and adapting accordingly, banks can offer a targeted approach that strikes the right balance between security and user convenience.
Innovate with Open Banking API
By working more closely with third-party actors, financial institutions can better prepare themselves for the market changes and proactively identify research and development areas.
Read more on open banking.
Thales Gemalto Mobile Protector
Learn how biometric authentication is reshaping mobile banking
Authentication cloud services to secure access to digital banking.
We bring our Strong Customer Authentication (SCA) offer as a cloud-based managed service and deploy the same security and convenience for your digital services in a much faster, flexible, and cost-efficient manner.