RegionsEEAAre you ready for the security obligations of PSD2?

Are you ready for the security obligations of PSD2?

An open letter to the banking industry, which is far from prepared for the wide-ranging impact of open banking.

As we close out 2016 and welcome 2017 as a year fresh with promise, it’s impossible to ignore the fact that Europe’s new revised Payments Services Directive (PSD2) is a reality that still looms large and uncertain in our future.

Even if passporting isn’t negotiated as part of Brexit and as a result PSD2 doesn’t come to fruition (a distinct possibility), open banking is nonetheless here to stay. Frankly, it’s about time – the industry is long overdue for a more competitive environment. Open banking will encourage exactly the type of innovation necessary to stimulate the development of new business models, as well as a wide range of new banking services.

But are banks really ready for all of the ramifications that open banking brings? In many cases, the answer is a resounding ‘no’ – although not for the reasons you’d think.

While everyone has been talking ad nauseam about the innovation and competition aspects of open banking, one critical impact has been notably absent from the majority of discussions, and that’s security.

Open banking throws the doors wide open to sensitive, valuable customer data and payment infrastructure. It’s easy to overlook the security implications of that fact when access is only being granted to appropriately regulated organisations, but let’s be realistic. The industry is already in an arms race with hackers, fending off attacks of every conceivable type. Who knows what kind of havoc can be wrought with free access to customer data and an open payment infrastructure; things we couldn’t even imagine. There’s already been talk about the risks of fraudulent third-party providers (TPPs) – what next?

Convenience versus security

In fairness, one of the main goals of open banking is actually to increase the security of payments. PSD2 specifically includes key security considerations, such as mandatory use of two-factor authentication; security incident reporting to both regulators and customers; as well as mandatory security assessment reporting to regulators that addresses security measures and their effectiveness.

All this provides some level of reassurance, but it certainly doesn’t relieve banks of the responsibility of making sure that their systems are properly secured against the potential barrage of inventive new attacks that could come – for example implementing behaviour monitoring technology to ensure that incidents of fraud can be identified and stopped before doing any damage.

There’s no question that open banking will change the payments industry as we know it, promoting innovation and driving competition like never before. It will make payments easier than ever. But convenience shouldn’t come at the price of security. Banks need to seriously consider the security threats of open banking – and they need to prepare for those threats now, before it’s too late.

* For more on PSD2, click here.

Related Articles

BigTech in financial services may require sweeping new laws

Big Data BigTech in financial services may require sweeping new laws

2d Jay Ashar
Open season on Open Banking

FinTech Open season on Open Banking

2d Jonathon Tanner
AccessPay appoints Tim Butchart as Chief Revenue Officer

Cash Management Regional AccessPay appoints Tim Butchart as Chief Revenue Officer

1w Jay Ashar
Capgemini: Will big tech make big waves in 2020?

FinTech Capgemini: Will big tech make big waves in 2020?

1w Tom Lemmon
Is it time for banks to think like big tech?

Banking Is it time for banks to think like big tech?

3w Austin Clark
Bank of America: The future is fast, smart and secure

Banking Bank of America: The future is fast, smart and secure

1m Austin Clark
Reversing the cultural trend: how Europe is driving technology innovation to influence the US

Banking Reversing the cultural trend: how Europe is driving technology innovation to influence the US

1m Santosh Radhakrishnan
Unlocking value: maximising the potential of supply chain finance

Banking Unlocking value: maximising the potential of supply chain finance

1m Alexander Pawellek

Whitepapers & Resources

Transaction Banking Survey 2019

Transaction Banking Survey 2019

3m
TIS Sanction Screening Survey Report

Payments TIS Sanction Screening Survey Report

5m
Enhancing your strategic position: Digitalization in Treasury

Payments Enhancing your strategic position: Digitalization in Treasury

7m
Netting: An Immersive Guide to Global Reconciliation

Netting: An Immersive Guide to Global Reconciliation

10m