22 August 2017
visit www.avoka.com

EBA told that tougher authentication will have a "chilling" effect on single market

28 November 2016  |  7255 views  |  5 add to basket

A cross-industry letter signed by 39 European and national organisations in the payments value chain has hit out at European Banking Authority (EBA) plans to toughen up authentication rules for online transactions under the revised Payments Service Directive (PSD2).

The EBA's proposals to mandate tighter authentication for transactions over EUR10 has rung alarm bells with industry practitioners who claim that the new rules will lead to more declined transactions and abandoned purchases as customers are forced to conduct additional security checks at the checkout.

The letter to European Commission vice president Vladis Dombrovskis has been signed by a broad swathe of industry practitioners representing the payments, cards, e-commerce, small merchants, ICT and digital technology, telecoms, foreign trade, and leisure and travel industries.

It highlights a potentially "chilling effect on the digital single market" of the prescriptive rules, and instead calls for a more flexible risk-based approach to securing individual transactions.

"We are fully aligned with regulatory objectives to reduce fraud to the lowest possible level which is in the interest of all parties in the payments chain," the letter states. "Our concern is that by choosing a very blunt approach and disregarding some of the highly innovative approaches to authentication and risk management - which are already demonstrably working in the market - this goal will not be achieved and the consequences will be highly disruptive."
KeywordsE-COMMERCE

Comments: (5)

Eli Talmor
Eli Talmor - SentryCom Ltd. - Haifa | 28 November, 2016, 11:51

I , respectfully, disagree .My key point: strong customer and payment authentication must be in-merchant-app. You are welcome to see my presentation , quoting these objections: http://www.slideshare.net/talmor/sentrycs-mobile-for-payments-more-security-and-less-friction

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 28 November, 2016, 15:56 @ Eli Talmor. My immediate observations on your presentation: 1. It's mobile only. What about the implications that could have existed under the EBA proposal for face to face transactions? I.e flights; train journeys where the card and cardholder are physically present but unable to go on-line? 2. Not everyone has a smart phone 3. Assumes all merchants have a merchant app'. 4. Commercials. A 'fee per transaction' = just another snout in the trough.
Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 28 November, 2016, 17:49

I totally agree with the sentiments expressed by the cross-industry letter. After years of mandating strong authentication, the Indian regulator seems to have realized that the friction posed by 2FA is a bigger conversion killer than any comfort feeling delivered by greater security. As a result, it has prioritized convenience over security by waiving the 2FA mandate in its recently-published specs for Recurring Payments. It has also allowed instore / card present transactions below INR 1000 to happen without PIN. I'm sure these measures will boost digital payments in India - even without counting the boost given by the recent #CurrencySwitch measure. Against this backdrop, I can't help feeling that EBA is going back in time.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Eli Talmor
Eli Talmor - SentryCom Ltd. - Haifa | 29 November, 2016, 06:37

@ Anonymous Finextra Member 

1. The trend is clear : https://www.bloomberg.com/news/articles/2016-11-25/black-friday-s-slow-death-drags-on-as-shoppers-migrate-online

2. Sentrycs Mobile is NOT a one-size-fits-all solution. 

3. E-Merchant does not nessesarily need a smartphone app. Web/browser integration is also possible.

4.  "A 'fee per transaction' = just another snout in the trough."- Are you referring to the payment network in general ???

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 29 November, 2016, 07:43

One principle of the EBA rules that is easily overlooked: authorisation of a payment belongs to the responsability of the payer's Account Servicing PSP, not the merchant or some other PSP.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Visa slams European plans for stronger online transaction authentication rules

Visa slams European plans for stronger online transaction authentication rules

22 November 2016  |  12120 views  |  7 comments | 22 tweets | 38 linkedin
PSD2 a golden opportunity for banks – new Finextra paper

PSD2 a golden opportunity for banks – new Finextra paper

29 September 2016  |  15908 views  |  0 comments | 31 tweets | 30 linkedin
Banks unsure on response to PSD2 upheaval

Banks unsure on response to PSD2 upheaval

12 August 2016  |  9528 views  |  0 comments | 19 tweets | 28 linkedin
ECB sets out draft mobile payments security recommendations

ECB sets out draft mobile payments security recommendations

20 November 2013  |  9301 views  |  0 comments | 16 tweets | 13 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
download the paper nowvisit www.dorsum.euvisit www.worldpaymentsreport.com

Who is commenting?

A Finextra member Finextra Member Commented on: Real-time payments in...
A Finextra member Finextra Member Commented on: Barclays uses sensors...

Top topics

Most viewed Most shared
Mobile contactless spending accelerating in UKMobile contactless spending accelerating i...
11676 views comments | 26 tweets | 23 linkedin
Barclays pairs banking data with third party apps for SmartBusiness DashboardBarclays pairs banking data with third par...
10046 views comments | 22 tweets | 31 linkedin
hands typing furiouslyWhy Is Risk Analytics Important?
9736 views 0 | 5 tweets | 1 linkedin
Norwegian banks and startups form fintech clusterNorwegian banks and startups form fintech...
9444 views comments | 19 tweets | 23 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
9423 views comments | 10 tweets | 8 linkedin