Following our very own Rob Malcolm’s appearance, alongside Andrew Bud, founder and CEO of iProov and Tim Green from the MEF, on the MEF Connects Digital webinar: PSD2 & Strong Customer Authentication – Creating Seamless Customer Journeys, here’s a few points that were discussed. If you’d like to listen to the whole webinar, head over to the MEF site and check out the full story.
- Commenting on how PSD2 relates to CLX, Rob explained that “messaging has formed the basis of many types of authentication criteria”, going on to say that “CLX are now processing some 20 billion SMS, with 25% of them being Two Factor Authentication (2FA) codes or one-time passwords.”
- Talking about how SIM swapping might affect authentication when it comes to PSD2, Rob commented that “this has been in the news / media a lot over the past 12 – 24 months, but what needs to be remembered, is that even if a fraudster performs a SIM swap they still need two things to complete the scam: They have to know something that only you know, like a password, and they have to intercept the SMS or voice call.”
Some technological advancements have been seen regarding SIM swapping over the last 12 months from Mobile Operators in both the UK and Ireland, who are now starting to offer APIs to trusted third parties, so that they can determine if a SIM card has been switched in the last 48 hours. “This can be an important additional factor that a bank, financial institution or payment service provider can use to determine if something strange is going on,” said Rob.
Making the observation that “wherever there is money, fraud is likely to follow, and PSD2 has done well to try and limit it,” Rob went on to discuss the hot topic of RCS and how this might be affected by PSD2 requirements. When it comes to moving payments to new environments like RCS sessions, “being able to authorize and authenticate yourself in an RCS session to pay for something, without having to get your credit card out is a very attractive prospect”, but we’re not there quite yet. There is a lot of innovation in this area right now from banks and credit card providers to make this process seamless, whilst still complying with PSD2.
Get the full picture by downloading the entire recorded webinar here.