FB pixel

BioCatch pitches behavioral biometrics as second factor for PSD2 to stop fraud through third parties


The third-party payment providers (TPPs) that financial institutions must allow to connect to their systems through open APIs under PSD2 represent a vulnerability that will be targeted by fraudulent actors, according to a BioCatch blog post.

PSD2 is intended to make online payments easier, flexible, and secure, but many of the security and fraud controls in place at European banks are not set up to monitor sessions originating with TPPs, and will not be able to stop attacks from that vector, BioCatch says. TPPs are subject to fraud detection standards, but any fraudulent accounts they allow to open must be identified after the fact by financial institutions to prevent attacks from being successful.

The Strong Customer Authentication (SCA) section of PSD2 requires two-factor authentication, and behavioral biometrics can be used to satisfy this requirement without introducing friction to the user experience, according to the blog. Continuous monitoring of users before and after login allows financial institutions to identify fraud, and stop account takeover attacks in the initial authentication or re-authorization process. It also allows them to monitor the success rate of TPPs acting as secure partners.

BioCatch recently deployed Redis Enterprise VPC to handle its rapidly scaling customer base, for which it processes 5 billion transactions per month for 70 million customers.

Article Topics

 |   |   | 

Latest Biometrics News


Cybercrime and identity fraud: an Olympic challenge

By Grigory Yusupov, Regional Director UK and Rest of the World (ROW) at IDnow The Paris 2024 Olympics is set…


IDV providers respond to growing consumer demand for stronger fraud prevention

A range of digital identity and financial fraud prevention capabilities and solution updates have been released just as Veriff issues…


Biometrics developers dance with data privacy regulations continues

Biometrics controversy and investments are often found side by side, as seen in many of this week’s top stories on…


EU AI Act should revise its risk-based approach: Report

Another voice has joined the chorus criticizing the European Union’s Artificial Intelligence Act, this time arguing that important provisions of…


Swiss e-ID resists rushing trust infrastructure

Switzerland is debating on how to proceed with the technical implementation of its national digital identity as the 2026 deadline…


Former Jumio exec joins digital ID web 3.0 project

Move over Worldcoin, there’s a new kid on the block vying for the attention of the digital identity industry and…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events