The European Commission has adopted new rules to make business cards more secure and make online payments made online, to significantly reduce the level of payment fraud and protect the confidentiality of users’ financial information, the EU commission said on Monday.
The information underlines that under the new rules, in order to make electronic payments safer and more reliable, pre-payment authentication must be carried out using at least two independent elements, for example a combination of a physical object card or mobile phone and a password or biometric identifier (such as a fingerprint) . Just entering a password or credit card will no longer be enough to make a payment in most cases. In some cases, the two independent elements will also require a code that is valid for that transaction.
The rules take into account that, in some cases, the level of payment security can be guaranteed by methods other than the use of two independent elements for strong customer authentication. Payment service providers may be exempted from this requirement by identifying fraudulent transactions by using transaction risk assessment procedures. Exemptions may also apply to small amounts of touch payments and transactions, as well as some specific types of payment, such as the payment of public transport or parking fees.
The rules also set out the obligations of banks and service providers offering innovative payment solutions and billing information, enabling consumers to access innovative services offered by third party service providers called FinTech as companies. However, they maintain the data protection and security requirements for EU consumers and businesses and lay down detailed rules for uniform security standards for communications between banks and FinTech companies.
The regulation states that all banks providing online account access must cooperate with FinTech companies and other financial institutions providing such new services.
FinTech services include payment solutions and tools that help aggregate personal account management by aggregating data from different accounts.
Source: MTI / Image: computerworld.hu /