
ECB outlines new security standards for internet payments

Banks, credit card companies and other payment service providers (PSPs) should put multiple “security measures” in place to ensure that they can repel attempts to breach the integrity of internet payment systems, the European Central Bank (ECB) has recommended.

The European Central Bank has set out draft recommendations on mobile payments security.

The 14 recommendations cover all payments in which mobiles are used to initiate a transaction, whether they are contactless, app-based or through mobile network operators’ channels.

On the thorny issue of authentication, the draft says that all mobile payment service providers should protect transactions through strong (at least two-factor) authentication.

However, this is not set in stone, and the draft raises the possibility of allowing less stringent measures for low-value payments and low-risk transactions, such as those within the same payment service provider.

The ECB says that this would create a difference in security requirements compared with those for card-present payments, “which may be difficult to justify”, but is now asking industry participants to chip in with their opinions.

Among the other draft recommendations are a limit to the number of incorrect log-in attempts a user gets, strong transaction monitoring mechanisms to spot fraud, data protection rules, and a requirement to log all transactions with an audit trail.

Interested parties now have until the end of January to comment before final recommendations are made, which should be implemented by European mobile payment service providers by February 2017.


The post ECB outlines new security standards for internet payments appeared first on Payments Cards & Mobile.