The European Cards Stakeholders Group Responds to EBA’s Consultation on Regulatory Technical Standards

Earlier this month, the European Cards Stakeholders Group (ECSG) welcomed the opportunity to respond to the European Banking Authority (EBA) consultation on the draft regulatory technical standards on strong customer authentication and common and secure communication under PSD2. This response represents the first harmonised multi-sector response to a public consultation from the ECSG since its formation earlier this year.

Directive (EU) 2015/2366 on payment services in the internal market (PSD2) entered into force in the European Union on 12 January 2016 and will apply as of 13 January 2018. The PSD2 has conferred 11 mandates on the EBA, one of which relates to the development, in close cooperation with the European Central Bank (ECB), of draft Regulatory Technical Standards (RTS) on strong customer authentication and secure and common communications (Article 98 of the PSD2). The requirements cover strengthened customer authentication, enhanced protection of user’s security credentials and common and secure open standards for communications between the various types of providers in the payments sector.

Whilst focusing on four of the main questions, the ECSG’s response emphasises that establishing a workable balance between the need for payment security and end user convenience is critical to ensure the establishment of an innovative and competitive digital single market in Europe. Such a balance should be based on the key principles defined in Article 98 of PSD2.