EU Urges Online Payments Security

What's Next In Payments®
1:16 PM EDT January 31st, 2013

The European Central Bank (ECB) has released a comprehensive set of “Recommendations for the security of internet payments”, following a two-month public consultation carried out in 2012. The core recommendation is that the initiation of Internet payments as well as access to sensitive payment data should be protected by strong customer authentication to ensure that it is a rightful user, and not a fraudster, initiating a payment.

The Recommendations represent the first achievement of the European Forum on the Security of Retail Payments (SecuRe Pay) a voluntary cooperative initiative between relevant authorities from the European Economic Area (EEA) – supervisors of payment service providers and overseers in particular – formed with the objective of facilitating common knowledge and understanding of issues related to the security of electronic retail payment services and instruments and, where necessary, issuing recommendations.

During the consultation, 17 EU countries made comments, which resulted in harmonized minimum-security recommendations. The final recommendations, key considerations and best practices specified in the report for the security of internet payments are applicable to governance authorities of payment schemes and all payment service providers (PSPs) that provide internet payment services, such as: internet card payments . Other market participants, such as e-merchants, are encouraged to adopt some of the best practices.

In addition to stronger customer authentication measures, the ECB recommended that the number of log-in or authentication be limited and asked that rules for Internet payment services session “time out” be defined. It also asked to establish transaction monitoring mechanisms designed to prevent, detect and block fraudulent payment transactions and to implement multiple layers of security defences in order to mitigate identified risks.

The detailed recommendations will be integrated into existing oversight frameworks for payment schemes and supervisory frameworks for PSPs and are to be considered as common minimum requirements for internet payment services. The members of the Forum are committed to supporting the implementation of the recommendations in their respective jurisdictions and will strive to ensure effective and consistent implementation within the EEA.

The recommendations should be implemented by PSPs and governance authorities of payment schemes by 1 February 2015.

Topics:
Comments
Also by This Author
What's Hot
Mobile Commerce
SuperGroup Appoints Asda’s Customer Director to Lead eCommerce
Merchant Innovation
Where Is the Second “Bitcoin” Boulevard?
Mobile Commerce
Pulsates Focuses on Marketing iBeacon Technology
Mobile Commerce
Topseos.com Unveils SEO.com as Fourth Top eCommerce Search Engine
View All Articles ››
You May Also Like
Company Spotlight
Different mPOS Strokes for Different mPOS Folks
International
Digital River Offers A Sneak Peak At Mobile eCommerce Trends
Mobile Commerce
Trustwave Buys Cenzic To Beef Up App Testing Capability
Mobile Commerce
SuperGroup Appoints Asda’s Customer Director to Lead eCommerce
Merchant Innovation
Where Is the Second “Bitcoin” Boulevard?
Mobile Commerce
Topseos.com Unveils SEO.com as Fourth Top eCommerce Search Engine
Mobile Commerce
Pulsates Focuses on Marketing iBeacon Technology
View All Articles ››