FIDO Alliance makes recommendations for EBA strong consumer authentication standard

February 14, 2016 - 

The FIDO Alliance announced that it had submitted comments to the European Banking Authority (EBA) on their “Discussion Paper on future Draft Regulatory Technical Standards on Strong Customer Authentication and Secure Communication” under the revised Payment Services Directive (PSD2).

The EBA is currently developing a regulatory technical standard for strong consumer authentication for payment service providers across Europe, as enforced by PSD2.

The standards are intended to establish the requirements for strong authentication for access to online payment accounts, conducting electronic payment transactions and/or enabling third party access to payment accounts at consumers’ request.

Back in December, the EBA sent out a discussion paper to gain outside feedback and potentially incorporate these recommendations before launching its standards development process.

In its response to the EBA, the FIDO Alliance explain how FIDO-compliant implementations that adhere to security best practices should be considered prime examples of the EBA’s efforts to create simpler, stronger authentication capabilities that both merchants and consumers will adopt at scale.

In addition, the FIDO Alliance states that the EBA’s acceptance of FIDO’s public key cryptographic architecture, particularly when coupled with on-device biometrics, will lower the chance of security breaches and online fraud for payment service providers while helping to increase overall online payment volume through a more seamless user experience.

“We are encouraged that the EBA has taken an inclusive approach and invited stakeholders in the payments market to provide input into the development of their regulatory requirements,” said Brett McDowell, executive director of the FIDO Alliance.

In November, the FIDO Alliance submitted the FIDO 2.0 platform enablement components to World Wide Web Consortium (W3C), which marked the first time the Alliance submitted their specifications to an outside standards developing organization.

Leave a Comment


About Justin Lee

Justin Lee has been a contributor with Biometric Update since 2014. Previously, he was a staff writer for web hosting magazine and website, theWHIR. For more than a decade, Justin has written for various publications on issues relating to technology, arts and culture, and entertainment. Follow him on Twitter @BiometricJustin.