KuppingerCole Report
By John Tolbert

ForgeRock Identity Platform capabilities for Authentication under PSD2

The Revised Payment Service Directive (PSD2) will drive many changes in technical infrastructure at financial institutions across Europe. Banks and other financial service providers must quickly prepare for PSD2. ForgeRock Identity Platform provides strong customer authentication capabilities that can help businesses meet the technical challenges posed by PSD2.

Commissioned by ForgeRock

1 Executive Summary

In the European Union, the Revised Payment Services Directive (PSD2) will radically alter the financial services landscape. It has already begun to cr ...

Login Get full Access

2 Highlights

  • EU PSD2 took effect in January 2018. The Regulatory Technical Specifications (RTS) govern the implementation of Strong Customer Authentication (SCA ...
Login Get full Access

3 PSD2: The background and Regulatory Technical Specifications

PSD2 will revolutionize payments and financial services across the EU. PSD2 aims to foster competition in the financial sector, increase transactional ...

Login Get full Access

3.1 Background and goals of PSD2

The original PSD helped establish the Single Euro Payments Area (SEPA), facilitated cross-border payments, cut fees and increased choices for consumer ...

Login Get full Access

3.2 Strong Customer Authentication

Clients of financial services must use strong authentication methods to access financial resources. As written, PSD2 defines strong authentication in ...

Login Get full Access

3.3 Market changes and risks

Banks will still hold money and make loans, but new companies are emerging that will also provide services to handle account aggregation and payment m ...

Login Get full Access

4 Technical capabilites for PSD2 RTS architecture

Complying with PSD2’s regulatory technical specifications almost certainly means building new capabilities, functions, and features. Correspondingly ...

Login Get full Access

4.1 SCA and Transaction Risk Analysis

Many CIAM and IAM solutions on the market today support the concept of SCA. Companies that have to comply with PSD2’s SCA provisions must decide whe ...

Login Get full Access

4.2 CIAM

In order to offer SCA, a proper Identity and Access Management (IAM) solution is needed. Traditional IAM systems are designed to provision, authentica ...

Login Get full Access

5 What you need from IAM systems for PSD2

In chapter 4 we see that, at a high level, banks and financial institutions need CIAM solutions with risk adaptive authentication mechanisms to achiev ...

Login Get full Access

6 ForgeRock Identity Platform as a foundation for PSD2 compliant architectures

ForgeRock Identity Platform can provide CIAM, SCA, and risk-adaptive multi-factor authentication functionality that directly address the technical req ...

Login Get full Access

6.1 ForgeRock Intelligent Authentication for SCA and transactional risk analysis

ForgeRock Access Management, as a component of the ForgeRock Identity Platform, performs the authentication and authorization functions. It supports m ...

Login Get full Access

6.2 ForgeRock IDM for CIAM

ForgeRock’s Identity Management module provides a rich set of features for CIAM. Users can self-register and manage their accounts, including consen ...

Login Get full Access

7 Recommendations

PSD2 is fast approaching, and the RTS will require major technology insertions for many banks and TPPs. IAM/CIAM infrastructure may need to be upgrade ...

Login Get full Access

7.1 Recommendations for conducting a PSD2 Readiness Assessment

  • Inventory existing IAM and risk management infrastructure: Can it offer strong customer authentication? Does it have sufficiently advanced risk anal ...
Login Get full Access

7.2 Recommendations for meeting PSD2's SCA Requirements

  • Utilize risk adaptive authentication for transactions that fall under the purview of SCA. Use ongoing transactional risk analysis to reduce the need ...
Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.