Regulatory Technical Standards on strong customer authentication and secure communication under PSD2

Status: Final draft RTS/ITS adopted by the EBA and submitted to the European Commission

The proposed Regulatory Technical Standards on strong customer authentication and secure communication are key to achieving the objective of the PSD2 of enhancing consumer protection, promoting innovation and improving the security of payment services across the European Union.

Links

Single Rulebook Q&A on Regulation (EU) 2018/389 – RTS on strong customer authentication and secure communication
Discussion on RTS on strong customer authentication and secure communication under PSD2 | News item

Summary of document history

Current version Ongoing versions

Consultation on RTS specifying the requirements on strong customer authentication and common and secure communication under PSD2

Status: Closed
Deadline: 12 OCTOBER 2016

Documents

Consultation Paper on draft RTS on SCA and CSC

(441.67 KB - PDF) Last update 12 August 2016

Download

Responses

The form is now closed.

Received responses to the EBA

See all responses

News item

EBA seeks input on strong customer authentication and secure communication under PSD2

8 December 2015

The European Banking Authority (EBA) published today a Discussion Paper on strong customer authentication and secure communication. The revised Payment Services Directive (PSD2) will mandate the EBA to deliver Regulatory Technical Standards on this topic, which the EBA is required to deliver by January 2017. Prior to starting the development of these requirements, the EBA is issuing a Discussion Paper, with a view to obtaining early input into the development process. Responses can be submitted until 8 February 2016.

EBA consults on strong customer authentication and secure communications under PSD2

12 August 2016

The European Banking Authority (EBA) published today a Consultation Paper on draft technical standards on strong customer authentication and common and secure communication under the revised Payment Services Directive (PSD2). These technical standards will ensure appropriate levels of security, while at the same time maintaining fair competition between all payment service providers and allowing for the development of user-friendly, accessible and innovative means of payment.

EBA consults on the amendment to its technical standards on strong customer authentication and secure communication in relation to the 90-day exemption for account access

28 October 2021

The European Banking Authority (EBA) launched today a public consultation on the amendment of its Regulatory Technical Standards (RTS) on strong customer authentication and secure communication (SCA&CSC) under the Payment Services Directive (PSD2) with regard to 90-day exemption from SCA for account access. The proposed amendment aims at addressing a number of issues that the EBA has identified in the application of the exemption by some account servicing payment service providers (ASPSPs) across the EU Member States and which have resulted in a negative impact on the services offered by account information service providers (AISPs) under the PSD2. The consultation runs until 25 November 2021.

Press contacts

Franca Rosa Congiu

Organisation and governance

Legal and policy framework

Careers

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting frameworks

Data

Publications

Media centre