The European Banking Authority (EBA) published today its final draft Regulatory Technical Standards (RTS) on strong customer authentication and common and secure communication. These RTS, which were mandated under the revised Payment Services Directive (PSD2) and developed in close cooperation with the European Central Bank (ECB), pave the way for an open and secure market in retail payments in the European Union.
Following 18 months of intensive policy development work and an unprecedentedly wide number of stakeholders’ views and input, these final draft RTS are the result of difficult trade-offs between the various, at times competing, objectives of the PSD2, such as enhancing security, facilitating customer convenience, ensuring technology and business-model neutrality, contributing to the integration of the European payment markets, protecting consumers, facilitating innovation, and enhancing competition through new payment initiation and account information services.
The EBA received 224 responses to its Consultation Paper, in which more than 300 distinct concerns or requests for clarifications were raised. In the feedback table published today as part of the RTS, the EBA has summarised each one of them and provided its assessment as to whether changes have been made to the RTS as a result of such concerns.