Meeting PSD2 Challenges with Ergon Airlock Suite
Content of Figures
Commissioned by Ergon
1 Executive Summary
In the European Union, the Revised Payment Services Directive (PSD2) will radically alter the financial services landscape. It has already begun to c ...
Login Free 30-day Select Access Get full Access2 Highlights
- EU PSD2 takes effect in January 2018
- The Regulatory Technical Specifications governing the implementation of Strong Customer Authentication (SCA) ...
3 PSD2: The background and Regulatory Technical Specifications
PSD2 will revolutionize payments and financial services across the EU. PSD2 aims to foster competition in the financial sector, increase transactional ...
Login Free 30-day Select Access Get full Access3.1 Background and goals of PSD2
The original PSD helped establish the Single Euro Payments Area (SEPA), facilitated cross-border payments, cut fees and increased choices for consumer ...
Login Free 30-day Select Access Get full Access3.2 Strong Customer Authentication
Clients of financial services must use strong authentication methods to access financial resources. As written, PSD2 defines strong authentication in ...
Login Free 30-day Select Access Get full Access3.3 Secure Communications
Banks and other account holding institutions must expose APIs for AISPs and PISPs to utilize. AISPs will need to create accounts and read account inf ...
Login Free 30-day Select Access Get full Access3.4 Market changes and risks
Banks will still hold money and make loans, but new companies are emerging to handle account aggregation and payment management. While banks will sti ...
Login Free 30-day Select Access Get full Access4 PSD2 RTS architecture
Complying with PSD2’s regulatory technical specifications almost certainly means building new capabilities, functions, and features. Correspondingly ...
Login Free 30-day Select Access Get full Access4.1 CIAM
In order to offer SCA, a proper Identity and Access Management (IAM) solution is needed. Traditional IAM systems are designed to provision, authentica ...
Login Free 30-day Select Access Get full Access4.2 SCA
Many CIAM and IAM solutions on the market today support the concept of SCA. Companies that have to comply with PSD2’s SCA provisions must decide whe ...
Login Free 30-day Select Access Get full Access4.3 Secure Communication
Banks have to provide secure APIs for TPPs and other banks to use. Banks have the most work to do. Almost invariably, banks will have to implement API ...
Figure 1 shows some samples of the kinds of API calls that AISPs and PISPs will make to banks. The API calls are grouped by HTTP POSTs and GETs. Trans ...
Considering the above diagram, customer and TPP systems are in the left-most, and core financial applications and bank enterprise services are on the ...
Login Free 30-day Select Access Get full Access5 The Ergon Airlock Approach to PSD2 compliant architctures
Ergon Airlock Suite provides CIAM, SCA, and API security functionality that directly addresses the technical requirements of PSD2.
Ergon Informatik ...
Login Free 30-day Select Access Get full Access5.1 Airlock IAM for CIAM
Airlock IAM provides user and token management, user self-services such as registration and profile management, and identity federation. Self-registra ...
Login Free 30-day Select Access Get full Access5.2 Airlock WAF for API Security
Airlock WAF can be positioned at perimeters or internal network boundaries to inspect application traffic and protect internal resources. Airlock WAF ...
Airlock WAF has its own log analysis, alerting, and auditing capabilities. But it can also send log and event data to SIEMs using CEF and syslog.
E ...
Login Free 30-day Select Access Get full Access5.3 Airlock Login
Airlock Login is a lighter weight version of Airlock IAM. It can be deployed with Airlock WAF, but does not have to be. It offers password, OTP, MTA ...
Login Free 30-day Select Access Get full Access6 Recommendations
PSD2 is fast approaching, and the RTS will require major technology insertions for many banks and TPPs. IAM/CIAM infrastructure may need to be upgrade ...
Login Free 30-day Select Access Get full Access6.1 Recommendations for conducting a PDS2 Readiness Assessment
- Read and understand the text of PSD2 and the latest RTS. Know which sections apply based on your type of business: banks will have the most work to ...
6.2 Recommendations for meeting PSD2’s SCA and API Security Requirements
- If desired strong authentications options are not available in your current IAM solution, procure and deploy a modern CIAM solution that offers SCA ...