RegionsEEAEBA agrees to relax PSD2 authentication rules

EBA agrees to relax PSD2 authentication rules

The European Banking Authority said that its proposed rules for stronger customer authentication would be relaxed for payments under €10.

The European Banking Authority (EBA) has agreed to relax part of the European Union’s (EU) revised Payments Services Directive, aka PSD2, which is due to take effect from January 2018.

In a speech given in London, EBA chairman Andrea Enria said that the proposed standards for stronger customer authentication would be modified to relax the requirement for all payments under €10. The proposal had triggered protests from industry participants who claimed that the mandate would result in more declined transactions and abandoned purchases at the checkout.

Enria said that the threshold would be raised from €10 to €30 for remote consumer transactions, although there would be no exemption for corporate payments. Firms using ‘transaction risk analysis’ to counter attempted fraud will also be offered a get-out clause, as will payments at unattended terminals, such as parking meters or transport tickets. The use of transaction risk techniques will be monitored over an 18-month period to ensure that safeguards are working to reduce fraud rates.

The EBA faces a challenge in meeting the timetable for delivering the regulatory technical standards (RTS) for PSD2, after receiving a record 224 responses to its first four consultation papers on the issue.

“The EBA identified 300 distinct concerns and clarification requests by respondents,” said Enria. “Each of these concerns will be listed in a 100-page feedback table that we will publish as part of the final draft.”

Enria also confirmed that under PSD2 so-called “screen-scraping,” which automates the copying of data from a website, will be banned despite calls for open communication between banks and financial services providers for the purpose of customer data sharing. Responding to the decision, Conor Ogle, vice president – business consulting at consulting group Sapient’s division Sapient Global Markets, said: “A bank’s homepage is under ongoing assault from many sources. They can only survive this by offering services their customers truly value.

“Whether or not screen scraping was going to be permitted, banks must take swift action and consider which propositions they should be providing themselves. Rather than treating alternate providers as threats to their existing business models, they would better serve their customers and shareholders by evaluating which of the propositions could provide real value to their customers.

“An application program interface (API)-based economy transfers power to the end user. In this model, banks could find themselves reduced to “dumb pipes” at best, with consumers naturally favouring customer-centric propositions with friction-free onboarding and enhanced data-driven services.

“Despite all these obvious signs, some banks will fail to see PSD2 as anything more than a regulatory response project. They may squander the chance to fundamentally reset their value propositions, ignoring this opportunity to reconsider the very purpose and nature of their brands through the lens of their customer.”

John Harvie, director at consulting firm Protiviti, commented: “The introduction of PSD2 opens up opportunities and creates new challenges. These opportunities and challenges are in tension with one another with the competing demands of ease of use, security and reliability being traded off against each other.

“It will take some time for this to stabilise and the announcements today are just one step in this process. For the UK the issue of Brexit adds to the complexity; however the prize of a low cost, low friction payments landscape that encourages competition and innovation is in our opinion a goal well worth fighting for.”

Earlier this month, a Financial Times report claimed that financial technology (fintech) companies were accusing the major banks of lobbying for EU legislation, including PSD2, to be diluted.

 

 

Related Articles

EBA responds to issues raised by EBA API Working Group

Banking EBA responds to issues raised by EBA API Working Group

3d Jay Ashar
Flexibility around PSD2 implementation needed to avoid cliff-edge scenario

Compliance Flexibility around PSD2 implementation needed to avoid cliff-edge scenario

3d Jay Ashar
eBAM: the foundation for a successful finance team

Corporate to Bank Relationships eBAM: the foundation for a successful finance team

4d Austin Clark
Need for banks' participation for benchmarking credit risks

Banking Need for banks' participation for benchmarking credit risks

5d Jay Ashar
Digitisation and technology upgrades are top treasury priorities

Banking Digitisation and technology upgrades are top treasury priorities

2w Jay Ashar
Open Banking: The future of treasury?

Open Banking Open Banking: The future of treasury?

3w Tom Lemmon
Non-banks become largest recipients of international credit for first time

Corporate to Bank Relationships Non-banks become largest recipients of international credit for first time

3w Jay Ashar
Open Banking will “dramatically” change the way treasurers work

Open Banking Open Banking will “dramatically” change the way treasurers work

4w Tom Lemmon

Whitepapers & Resources

Are You Ready to Implement your GRC Solution?

Are You Ready to Implement your GRC Solution?

4m
TIS Sanction Screening Survey Report

Payments TIS Sanction Screening Survey Report

2m
The Challenges of Regulatory Reporting

Brexit The Challenges of Regulatory Reporting

7m
Mitigating Costs and Exposure - A Multilateral Netting White Paper

Mitigating Costs and Exposure - A Multilateral Netting White Paper

6m