As EyeVerify notes in a new blog post, the Revised Payment Services Directive will come into effect in the European Union in January of 2018. It’s meant to establish uniform payment standards across the region, and to bring about a higher level of consumer protection.
To that end, the European Banking Authority recently submitted its Regulatory Technical Standards to the European Commission, which detail Strong Customer Authentication (SCA) standards. The SCA standards require the implementation of at least two of the following bases for authentication: knowledge (eg. a password), possession (such as a mobile device), and ‘inherence’ (biometrics). Moreover, these elements can’t be disclosed or replicated, and need to be reliable.
The conditions clearly call for the kinds of mobile biometric authentication solutions that are increasingly available to consumers. Eyeprint ID, for example, uses a standard smartphone camera to scan a given user’s eye vein patterns, easily fulfilling the requirements of ‘possession’ and ‘inherence’ in the EBA’s standards. And given the ease with which solutions like these can be deployed, there’s good reason for companies doing business in Europe to implement them now and get well ahead of the PSD2 regulations.
June 8, 2017 – by Alex Perala