‘Stronger’ Strong Customer Authentication Boosts Fraud Prevention

Strong_Customer_Authentication Feautured ImageGUIDQW146

As PSD2 or Payment Service Providers Directive has been used across European countries, some difficulties are also that some merchants and issuers can implement effectively. Some factors such as high costs and long implementation cycles have resulted in high cart abandonment rates for e-commerce. Additionally, some methods included in strong customer authentication can still be vulnerable to fraudulent acts.

PSD2 Requirements for Strong Customer Authentication

Requirements in strong customer authentication under PSD2 fall into two classifications. The first category covered by articles 6, 7, and 8 outlines the need for multi-factor authentication in at least two out of the three following elements:

  1. Something known – PIN or a password
  2. Something owned – mobile phone, laptop, security key
  3. Something you are – a biometric like a fingerprint or face ID

The second category outlined in article 9.3 states the requirement that authentication devices should maintain the independence of authentication methods, specifically the provision that the two authentication elements being used are in no way interacting.

Vulnerabilities of Strong Customer Authentication

Strong customer authentication can still be vulnerable to threats posed by hackers and fraudsters, especially if they have sufficient knowledge on countering the measures of added security through these three primary means:

1. Social Engineering or phishing is designed to trick users into providing personal information like usernames and passwords. It is usually done involving one’s bank account that is sent through emails or SMS.

2. SIM Swapping begins when a fraudster pretends to be the mobile phone owner while they contact the phone company. 

3. Malicious Accessibility, wherein hackers exploit both known and unknown vulnerabilities. It is also known as a zero-day exploit that takes advantage of a vulnerability before any fraud prevention measures and actions can be taken. 

While enterprises online are responsible for protecting your personal information, it is also essential that you make continuous effort to be careful with your personal information these days. If you want to know more about strong customer authentication to boost fraud prevention, head over to Login ID for more details.

While enterprises online are responsible for protecting your personal information, it is also essential that you make continuous effort to be careful with your personal information these days. If you want to know more about strong customer authentication to boost fraud prevention, head over to Login ID for more details.

LOGIN ID - ‘Stronger’ Strong Customer Authentication Boosts Fraud PreventionHDIWA14631

Related posts

Leave a Comment