accelerated security certification accreditations Approvals Career career Checking electronic components in payment transactions Compliance in banks Compliance within banks General General

Certification body for strong customer authentication: SRC receives DAkkS accreditation

Author: 1

PSD2: Strong customer authentication and need for action for third-party providers

The second EU Payment Services Directive (Payment Services Directive 2 – PSD2) has been in force since January 13, 2018. It obliges banks to set up interfaces to allow third-party providers access to their customers’ account data. Third-party providers are FinTechs and payment service providers that want to initiate payments or view customer account data for their business purpose. Provided that the customer wishes to do so and actively consents, third-party providers certified by the German Federal Financial Supervisory Authority (BaFin) can request account information or initiate payments on the basis of PSD2. The new PSD2 regulations will come into force on September 14, 2019. In addition, the PSD2 provisions on strong customer authentication in electronic payment transactions will also come into force at the same time.

Certification of third-party providers by the accredited SRC certification body

Not just any third-party provider is granted access to customer account information. This privilege – access to account information or the initiation of payments – is reserved for certified third-party providers. By certifying your product/solution for the implementation of “Strong Customer Authentication”, you give your customers and, if applicable, other parties (e.g. authorities) the confidence that the product/solution meets the requirements of PSD2/RTS. Certification serves to increase acceptance and facilitates market access or is intended to make this possible in the first place.

Your SRC certificate – Approved Security!

In this context, SRC’s certification body was accredited by the German Accreditation Body (DAkkS) in accordance with the requirements of the ISO 17065 standard. The DAkkS as the accrediting body and SRC as the certification body are identified by their own logos. The certification of your product/solution includes, in particular, impartial and competent proof that it meets the requirements of PSD2. Your customer can see the product name, the requirements met, the certification body and its basis for accreditation (ISO 17065) on the certificate.

This article was also published on:
Press contact:
Patrick Schulze
WORDFINDER GmbH & CO. KG Lornsenstraße 128-130 22869 Schenefeld