Will PSD2 Finally Kill The Password?

March 19, 2019
  • Knowledge – something only the user knows (password, PIN)
  • Possession – something only the user possesses (key material, token)
  • Inherence – something uniquely identifying to user (fingerprint, biometrics)
  • Out-of-band authentication: Does the solution evaluate authentication factors in a separate channel from that in use by the session or transaction being authenticated?
  • Configurable authentication methods: Such as biometrics, geofencing, pattern codes, and device proximity pairing.
  • Platform-agnostic: What online services does the solution support?
  • Decentralized, anonymous architecture: Eliminate or reduce the most common attack vectors associated with password-based authentication by moving credential storage to the user's device.
  • Dynamic Linking: SCA requires that authentication elementsshall generate an authentication code to the payer’s payment service provider, specific to the amount and payee agreed by the payer when initiating the transaction. Does the service meet this bar?
prestitial ad