FW: Internet Payments in EU from David Ezell on 2015-02-23 (public-webpayments-ig@w3.org from February 2015)

From: David Ezell <David_E3@VERIFONE.com>
Date: Mon, 23 Feb 2015 20:34:07 +0000
To: "public-webpayments-ig@w3.org" <public-webpayments-ig@w3.org>
Message-ID: <54C00E24834FCE47B11EC129A84E7F78CCAE432F@VF2WDEXMB1.verifone.com>

Dear Web Payments folks:

Below is an email from our friend Alan Thiemann, currently chair of ISO12812 and colleague from NACS.  He has raised the fact that a new requirement from the European Banking Authority requires “two-factor authentication on all e-payments.”

It looks like this requirement (regulatory) may have an impact on every use case we’re working on.

Thoughts welcome.

Best regards,
David

From: Alan Thiemann [mailto:ajthiemann@gmail.com]
Sent: Saturday, February 21, 2015 1:05 PM
To: Gray Taylor; Linda Toth; David Ezell
Subject: Internet Payments in EU

Folks,

https://www.linkedin.com/pulse/eba-security-guidelines-immediate-action-required-payment-lycklama?trk=prof-post


The European Banking Authority issued a new requirements document covering all Internet payments that will become effective this year (I understand it must be adopted within 6 months of each country's act of approving the EBA document).

Essentially, this is going to require two-factor authentication on all e-payments, including credit transfers (i.e., ACH).  Ironically, EMVCo has stated it won't have its specification ready until 2016, so there will obviously be a lag in adoption.  There is also some question about its application to issuers outside of the EU who handle transactions within the EU.  THIS BEARS LOOKING AT.

David, has W3C done anything about this?

Alan

--
Alan J. Thiemann
Law Office of Alan J. Thiemann
700 12th Street, NW
Suite 700
Washington, DC  20005
(202) 904-2467
(202) 558-5101  fax
________________________________
This electronic message, including attachments, is intended only for the use of the individual or company named above or to which it is addressed. The information contained in this message shall be considered confidential and proprietary, and may include confidential work product. If you are not the intended recipient, please be aware that any unauthorized use, dissemination, distribution or copying of this message is strictly prohibited. If you have received this email in error, please notify the sender by replying to this message and deleting this email immediately.

Received on Monday, 23 February 2015 20:35:00 UTC