How PSD2 Will Eliminate Payment Fraud and Secure Online Payment

By Enterprise Security Magazine | Friday, November 30, 2018

The Payment Services Directive 2 (PSD2) is the current hot topic across the payments industry in Europe because as per this regulation, European banks have to share customer transaction and account data with third party service providers.

E-commerce merchants have used standards against fraud that were few and loose. 3D secure, also known as Verified Visa and MasterCard SecureCode was the fixture of the industry. Merchants had to step up their game to prevent frauds. PSD2 will bring innovation, reduce costs through competition, increase consumer choice and will inevitably be the standard for e-commerce fraud management in the future.

Scratching the Problematic Surface

PSD2 is trying to achieve a fraud-free environment where the merchants are being skimmed for payment card details. This new mandate brings structure and planning by infusing universally accepted standard minimum levels of control that all fintech businesses must stick to. These global standards will bring the industry to a new level, in terms of sophistication relative to fraud. As compared to the fraud prevention measures today, PSD2 has mandatory strong authentication, malware detection, real-time (automated) transaction decisions, behavioral profiling, fraud scenario detection logic, device level analysis which may include IP and geo-location and monitoring and reporting.

Customer Authentication

Most online fraud schemes begin with gaining access to the victim's account. To reduce risks strong user authentication is required and PSD2 has mandatory two-step verification, with a few exceptions. But, the challenge here is to balance security and user experience. The ideal approach lies in authentication which takes risk factors as device, channel and value into consideration and adopts a customer-centric approach for a tailored and tough authentication mechanism.

To securely authenticate a user, Identity management is highly important. EU and eIDAS regulations give a legal ground to individuals and businesses to safely access services and transact with virtually one click.  As consumers migrate to e-commerce, companies should adopt greater technology to elevate security and customer experience. PSD2 is the ideal model to do this as global merchants recognize this as a good business practice.

A payment is a part where technologies, regulations and market drivers interact. Traditional banking and its rigid framework are being challenged by the futuristic wider range of easy-to-use, flexible and mobile payment solutions designed for consumer-centricity.