What are the regulatory requirements that have to be met when making Internetbanking/ online payments?
Two s Identity components ensure true 2-factor authentication in accordance with the requirements of the PSD2 (Payment Services Directive 2), RTSs (Regulatory Technical Standards) and SCA (strong customer authentication).
These 2 components are:
- The 1st factor is possession:
e.g. pairing up of s Identity with a device (smartphone or PC/MAC) and the user numberĀ
- The 2nd factor is knowledge:
Secure access with a user-definable PIN code
SMS-only-based authorisation does not meet these requirements! SMS relies solely on the 'knowledge' factor (just as the password). SMS messages can be redirected by Trojan malware, for example, or disclosed on the telephone. On the phone, scammers will usually pass themselves off as a bank employee and ask the customer to tell them what the SMS says that they have just received.