PSD2 Compliance PSD2 Compliance

PSD2 Compliance

As the trusted security partner to the world’s leading banks, we provide expert industry and technical guidance for PSD2 compliance.


The EU Payments Services Directive (PSD2) contains requirements related to Strong Customer Authentication (SCA). Financial institutions must comply with these requirements by September 2019. However, specific Payment Service Providers (PSPs) could qualify for an exceptional extension in the context of card payments for e-commerce according to a recent EBA Opinion.

OneSpan provides solutions to meet PSD2 SCA requirements, including two-factor authentication, dynamic linking, mobile app security and transaction risk analysis. To guide our customers’ compliance efforts, we pair our technology with a consultative approach. We provide expert advice on PSD2 requirements and ensure our customers comply in all the countries where they do business.

Need Answers fast? Ask the PSD2 Expert.

Visit the PSD2 Questions & Answers Forum and receive rapid responses to all submitted questions

Compliance Criteria

Five security criteria that must be fulfilled to achieve PSD2 compliance

  • Check-mark

    Strong Authentication

    Authentication must be based on two or more factors, including passwords or PIN, tokens or mobile devices, or biometrics

  • Check-mark

    Transaction Risk Analysis

    Mandates the use of transaction risk analysis to deter fraudulent payments

  • Check-mark

    Replication Protection

    PSD2 mandates the use of dedicated mobile app cloning counter-measures in applications

  • Check-mark

    Dynamic Linking

    For payment transactions, the authentication code must be dynamically linked to both the amount and payee

  • Check-mark

    Independent Elements

    Payment service providers must adopt security measures to mitigate the risk resulting from compromised mobile devices

Our Capabilities

Customizable client, server, hardware, software, and cloud-based options to meet all your PSD2 compliance needs

  • ordered-list-1.svg

    Adaptive Authentication

    Intelligent authentication solution designed to drive growth by improving the customer experience and reducing fraud

  • two

    Authentication Software

    Extensive solution suite includes leading biometric, OOB options for frictionless mobile authentication

  • three

    Mobile App Security

    Mitigate malicious attacks and reduce exposure to fraud, as required by PSD2

  • four

    Authentication Hardware

    DIGIPASS® two-factor authenticator tokens deliver strong, cost-effective security

  • five

    Risk Analytics

    Sophisticated risk analytics engine leveraging machine learning to better detect fraud in real time

Raiffeisen Italy Logo

Customer Use Case

Learn how Raiffeisen Italy implemented mobile authentication & mobile app shielding for PSD2 compliance and ease of use.

Contact Us

Do you have questions about PSD2? Get the information you need, fast.