Preparing for PSD2 technical requirements using RSA solutions
Content of Figures
Commissioned by RSA
1 Executive Summary
In the European Union, the Revised Payment Services Directive (PSD2) will radically alter the financial services landscape. It has already begun to c ...
Login Free 30-day Select Access Get full Access2 Highlights
- EU PSD2 took effect in January 2018
- The Regulatory Technical Specifications (RTS) govern the implementation of Strong Customer Authentication (SCA ...
3 PSD2: The background and Regulatory Technical Specifications
PSD2 will revolutionize payments and financial services across the EU. PSD2 aims to foster competition in the financial sector, increase transactional ...
Login Free 30-day Select Access Get full Access3.1 Background and goals of PSD2
The original PSD helped establish the Single Euro Payments Area (SEPA), facilitated cross-border payments, cut fees and increased choices for consumer ...
Login Free 30-day Select Access Get full Access3.2 Strong Customer Authentication
Clients of financial services must use strong authentication methods to access financial resources. As written, PSD2 defines strong authentication in ...
Login Free 30-day Select Access Get full Access3.3 Secure Communications
Banks and other account holding institutions must expose APIs for AISPs and PISPs to utilize. AISPs will need to create accounts and read account inf ...
Login Free 30-day Select Access Get full Access3.4 Market changes and risks
Banks will still hold money and make loans, but new companies are emerging that will also provide services to handle account aggregation and payment m ...
Login Free 30-day Select Access Get full Access4 PSD2 RTS architecture
Complying with PSD2’s regulatory technical specifications almost certainly means building new capabilities, functions, and features. Correspondingly ...
Login Free 30-day Select Access Get full Access4.1 SCA
Many CIAM and IAM solutions on the market today support the concept of SCA. Companies that have to comply with PSD2’s SCA provisions must decide whe ...
Login Free 30-day Select Access Get full Access4.2 Anti-malware capabilities
In Clause 2 of Article 2, PSD2 RTS states “Payment service providers shall ensure that the transaction monitoring mechanisms take into account, a ...
Login Free 30-day Select Access Get full Access4.3 Secure APIs
Banks have to provide secure APIs for TPPs and other banks to use. Banks have the most work to do here. Almost invariably, banks will have to implemen ...
Figure 1 shows some samples of the kinds of API calls that AISPs and PISPs will make to banks. The API calls are grouped by HTTP POSTs and GETs. Trans ...
Login Free 30-day Select Access Get full Access5 RSA solutions that can contribute to PSD2 compliant architectures
RSA SecurID Access, RSA Adaptive Authentication, RSA Web Threat Detection, and RSA Archer provide SCA, transactional risk analysis, malware and threat ...
Login Free 30-day Select Access Get full Access5.1 RSA SecurID Access
RSA makes many identity and security products and services, but perhaps the most recognizable product is the SecurID token. But that is just one of ma ...
Login Free 30-day Select Access Get full Access5.2 RSA Adaptive Authentication
RSA Adaptive Authentication is a risk-based authentication and fraud detection platform deployed today at over 3,000 organizations. It utilizes the R ...
Login Free 30-day Select Access Get full Access5.3 RSA Web Threat Detection
RSA Web Threat Detection is a component of the RSA Fraud and Risk Intelligence Suite. It can be deployed on-premises, in the cloud, or run as a multi- ...
Login Free 30-day Select Access Get full Access5.4 RSA Archer
RSA Archer is an industry-leading GRC platform. It contains a variety of functionally discrete modules and has been extended by a number of third part ...
Login Free 30-day Select Access Get full Access6 Recommendations
PSD2 is fast approaching, and the RTS will require major technology insertions for many banks and TPPs. IAM/CIAM infrastructure may need to be upgrade ...
Login Free 30-day Select Access Get full Access6.1 Recommendations for conducting a PSD2 Readiness Assessment
- Read and understand the text of PSD2 and the latest RTS. Know which sections apply based on your type of business: banks will have the most work to ...
6.2 Recommendations for meeting PSD2’s SCA and API Security Requirements
- If desired strong authentication options are not available in your current IAM solution, procure and deploy a modern IAM / adaptive authentication s ...
7 Related Research
Leadership Compass: Access Management and Federation - 71102