Submission #16

Primary tabs

View(active tab)

EDiMA

Do you prefer for the EBA guidelines a. to enter into force, as consulted, on 1 August 2015 with the substance set out in this consultation paper, which means they would apply during a transitional period until stronger requirements enter into force at a later date under PSD 2 (i.e. a two-step approach); or to anticipate these stronger PSD 2 requirements and include them in the final guidelines under PSD 1 that enter into force on 1 August 2015, the substance of which would then continue to apply under PSD 2 (i.e. a one-step approach).

On behalf of its member companies, the European Digital Media Association1 (EDiMA) welcomes the opportunity to respond to this consultation. We recommend the following:
- EBA should await finalization of the PSD2 text and then review the SecuRe Pay Recommendations against these new security requirements before issuing draft EBA Guidelines.
- The definition of strong authentication should be flexible enough to allow for new technologies to develop – tying this to two-factor authentication will stifle innovation in payment security. Security future proof regulations should aim at setting security benchmarks as opposed to imposing processes.
- EBA Guidelines should ensure reconciliation of security with consumer convenience, as over complex security methods might lead to users’ avoidance behavior with increased risk for users.
- EBA Guidelines should be consistent with global security practices to prevent creation of a “European fortress”.

Upload files EDiMA response to EBA Consultation FINAL.pdf

Name of organisation EDiMA