VISA's view on PSD2 Strong Authentication Requirements

https://www.visaeurope.com/media/images/psd2%20position%20paper%20nov%202016-73-40837.pdf

EBA have apparently not realized that authentication is one of the most thorny and political issues you can find and making it scale like PSD2 presumes makes it way worse.

After looking into this topic I have come to the conclusion that there are two entirely different kinds of third-party payment services that could be covered by PSD2.

One is effectively based on limitations in the banks' on-line payment solutions. SOFORT, IDEAL, and a bunch of similar services in other places in the world belong to this category. Since Apple and Google have recently begun shipping state-of-the-art solutions for on-line payments that unlike the mentioned schemes also have global coverage we can safely deduct that this is an already solved problem and the market for such services will be severely disrupted.

The other type of payment services are "social payments" which are more interesting (and challenging) because they build on delegation of rights to their customers' bank accounts. That is, a logged-in Venmo user can without any user-related interaction with their bank perform payment operations with other Venmo users.

Anders

Received on Friday, 2 December 2016 08:23:57 UTC