Banks in Europe have deployed customer authentication solutions for several years. These solutions have served their purpose well and enabled customers to safely log in to their bank accounts. In the world of e-commerce, these solutions, when used, have been successful in combatting online payment fraud. 

The Second Payment Services Directive (PSD2) and its associated Regulatory Technical Standards (RTS) dramatically change the payment landscape, considering:

  • The mandate for strong, multi-factor authentication, 
  • The emergence of Third Party Providers (TPP) accessing accounts via open APIs

The success of PSD2 will ultimately be determined by how well banks can balance user convenience with security obligations, while maximizing reach. As such, they may want to evaluate how well their legacy authentication solutions meet this new need. 

FIDO authentication standards have been proposed as a way for banks to meet all requirements in a PSD2 world — but is the change from a legacy method to FIDO worthwhile? This paper proposes guidance to banks to help them decide. 

The paper describes FIDO Authentication standards and compares it with legacy authentication methods used to access an account or secure an online payment. The methods compared are SMS OTPs, hardware OTP generators, CAP readers, and proprietary smartphone and biometrics-based solutions in terms of PSD2 compliance, security, usability and scalability. Ultimately, the paper answers the question: Why change to FIDO?


More

White Paper: Addressing FIDO Alliance’s Technologies in Post Quantum World

There has been considerable press, a number of papers, and several formal initiatives concerned with…

Read More →

White Paper: FIDO Alliance Guidance for U.S. Government Agency Deployment of FIDO Authentication

This document is intended to highlight areas where FIDO offers the best value to address…

Read More →

White Paper: High Assurance Enterprise FIDO Authentication

This white paper addresses specific considerations for determining the appropriate type of passkey for enterprises…

Read More →


12313 Next