Payment Service Directive 2
The Payment Service Directive (PSD2) aims to standardize the market, strengthen customer safety, and support technical innovation through increased competition. The new standard requires more robust identity controls, such as two-factor authentication for online payments.
Security Requirements
PSD2 is an updated version of the current payment service directive, PSD. The most significant difference between the two is that banks will now be forced to make their API:s more open and accessible. A result of this is that third-party services can use the banks' customer data and infrastructure. If the client first authorized it, internet payments can be initiated directly from their bank account. The directive enables more companies to enter the market and compete with traditional banks.
The PSD2 directive imposes new safety requirements regarding product and system development. Here are some of the requirements:
- Continuous testing of processes and security systems.
- Risk assessment – including identification and classification of functions, processes, and assets, as well as access control.
- Processes and functions continuously monitor business functions, transactions, and information assets with correlated measures to identify information leaks, vulnerable code, and generally known vulnerabilities.
- The framework for dealing with operative and security risks should be integrated into the risk management process.
- Continuity plans and ongoing continuity controls
The Power of Next-Gen Vulnerability Management
Maintaining a consistently updated and secure environment across the entire business can be difficult. Our Next-Gen Vulnerability Management Platform covers both technical and human assets so that you can discover, prevent, and respond to vulnerabilities effortlessly. Continuously educate employees on the latest cyber threats and find critical security gaps in your remote workforce, cloud systems, operational technology, and container environment. 365 days a year, 24 hours a day.