2018 may be the year of GDPR.... but it's also the year of PSD2
Earlier this year GDPR came into effect, and it was the most important data privacy law we've ever seen. But it wasn't the only major regulatory change to impact financial businesses this year, there's also the PSD2 (revised Payment Services Directive), an updated regulation that came into effect in January. It requires banks to share raw account data with third-party providers, based on customer permissions and open up APIs allowing those third-parties to initiate payment transactions on behalf of the customer.
A key factor of PSD2 is its requirement for a strong authentication process whenever a payment is initiated or remote account access is requested, which is what's known in the directive as Strong Customer Authentication (SCA).
GDPR is about tighter data protection. PSD2 is part of an open banking movement. But it’s the combination of both that could be keeping you up at night if you’re in the financial industry.
We take a look at the impact PSD2 is having on identification and the challenges of Strong Customer Authentication on the financial industry.