Article 98
ISRB ToC ToC

Path:
Payment Services Directive 2 (PSD2) > TITLE IV > CHAPTER 5 > Article 98
Title:
Article 98
Links:
Description: 
Regulatory technical standards on authentication and communication
Main content: 

1. EBA shall, in close cooperation with the ECB and after consulting all relevant stakeholders, including those in the payment services market, reflecting all interests involved, develop draft regulatory technical standards addressed to payment service providers as set out in Article 1(1) of this Directive in accordance with Article 10 of Regulation (EU) No 1093/2010 specifying:

(a) the requirements of the strong customer authentication referred to in Article 97(1) and (2);

(b) the exemptions from the application of Article 97(1), (2) and (3), based on the criteria established in paragraph 3 of this Article; 

(d) the requirements for common and secure open standards of communication for the purpose of identification, authentication, notification, and information, as well as for the implementation of security measures, between account servicing payment service providers, payment initiation service providers, account information service providers, payers, payees and other payment service providers.

2. The draft regulatory technical standards referred to in paragraph 1 shall be developed by EBA in order to:

(a) ensure an appropriate level of security for payment service users and payment service providers, through the adoption of effective and risk-based requirements;

(b) ensure the safety of payment service users’ funds and personal data;

(c) secure and maintain fair competition among all payment service providers;

(d) ensure technology and business-model neutrality;

(e) allow for the development of user-friendly, accessible and innovative means of payment.

 

3. The exemptions referred to in point (b) of paragraph 1 shall be based on the following criteria:

(a) the level of risk involved in the service provided;

(b) the amount, the recurrence of the transaction, or both;

(c) the payment channel used for the execution of the transaction.

 

4. EBA shall submit the draft regulatory technical standards referred to in paragraph 1 to the Commission by 13 January 2017.

Power is delegated to the Commission to adopt those regulatory technical standards in accordance with Articles 10 to 14 of Regulation (EU) No 1093/2010.

5. In accordance with Article 10 of Regulation (EU) No 1093/2010, EBA shall review and, if appropriate, update the regulatory technical standards on a regular basis in order, inter alia, to take account of innovation and technological developments

Metadata: 
https://www.eba.europa.eu/single-rule-book-qa/search?field_legal_act%5B%5D=517&field_question_id=2018_4043,2018_4045,2018_4071,2018_4089,2018_4120,2018_4127,2018_4128,2018_4138,2018_4140,2018_4163,2018_4210,2018_4235,2018_4238,2018_4239,2018_4360,2018_4366,2018_4375,2018_4439,2019_4507,2019_4532,2019_4609,2019_4630,2019_4638,2019_4662,2019_4693,2019_4702,2020_5224&items_per_page=20
Topic: 
Payment services and electronic money
Q&A :
Paragraph: 
1
Links: 
2022_6392 API functionality
Paragraph: 
4
Links: 
2021_5845 Ability of Payee’s PSP to apply exemptions from SCA in credit transfers
2021_6156 Arbitrating between security and obstacles
2021_6246 Change of TPP access rights for AIS consent by the PSU prior to authorisation