PSD2 Compliance PSD2 Compliance

PSD2 Compliance

As the trusted security partner to the world’s leading banks, we provide expert industry and technical guidance for PSD2 compliance.

Are You Ready?

Banks and Third-Party Providers (TPP) have to comply with the PSD2 requirements on Strong Customer Authentication by September 14, 2019.

OneSpan provides solutions to meet the PSD2 requirements, specifically dynamic linking, mobile app security, and transaction risk analysis. Across Europe, banks have implemented our patented Cronto technology to meet the dynamic linking requirement. Through our app shielding technology, we ensure that mobile banking apps run inside a secure execution environment, protected against malware. And our risk analysis engine analyzes and scores hundreds of user, device, and transaction data in real-time, to determine the precise authentication requirements for each financial transaction – continuously protecting consumers from fraud.

To guide our customers’ compliance efforts, we pair our technology with a consultative approach. We have developed extensive contacts with banking regulators throughout Europe in order to provide sound advice on PSD2 authentication requirements and ensure our customers comply in all the countries where they do business.

Need Answers fast? Ask the PSD2 Expert.

Visit the PDS2 Questions & Answers Forum and receive rapid responses to all submitted questions

Compliance Criteria

Five security criteria that must be fulfilled to achieve PSD2 compliance
  • Check-mark

    Strong Authentication

    Authentication must be based on two or more factors, including passwords or PIN, tokens or mobile devices, or biometrics

    Select the right authentication
  • Check-mark

    Transaction Risk Analysis

    Mandates the use of transaction risk analysis to deter fraudulent payments

    How to prevent fraud
  • Check-mark

    Replication Protection

    PSD2 mandates the use of dedicated mobile app cloning counter-measures in applications

    How to do this
  • Check-mark

    Dynamic Linking

    For payment transactions, the authentication code must be dynamically linked to both the amount and payee

    Perform dynamic linking
  • Check-mark

    Independent Elements

    Payment service providers must adopt security measures to mitigate the risk resulting from compromised mobile devices

    Implement app shielding

Our Capabilities

Customizable client, server, hardware, software, and cloud-based options to meet all your PSD2 compliance needs
  • ordered-list-1.svg

    Adaptive Authentication

    Intelligent authentication solution designed to drive growth by improving the customer experience and reducing fraud

    Learn more
  • two

    Authentication Software

    Extensive solution suite includes leading biometric, OOB options for frictionless mobile authentication

    Learn more
  • three

    Mobile App Security

    Mitigate malicious attacks and reduce exposure to fraud, as required by PSD2

    Learn more
  • four

    Authentication Hardware

    DIGIPASS® two-factor authenticator tokens deliver strong, cost-effective security

    Learn more
  • five

    Risk Analytics

    Sophisticated risk analytics engine leveraging machine learning to better detect fraud in real time

    Learn more
Raiffeisen Italy Logo

Customer Use Case

Learn how Raiffeisen Italy implemented mobile authentication & mobile app shielding for PSD2 compliance and ease of use.

Contact Us

Do you have questions about PSD2? Get the information you need, fast.