The Payment Services Directive (PSD2) and the General Data Protection Regulation (GDPR): two new regulations that have brought fundamental changes to the banking and fintech sector in the EU this year.
GDPR emphasizes individuals’ rights to protect their personal data, while PSD2 is aimed at improving payment security, reducing fraud and making customer account information more accessible to ‘new players’ in the sector.
In order to achieve compliance to both PSD2 and GDPR, companies need to meet the requirements prescribed by the new regulations, which is not always that straightforward.
The XTN Cognitive Security Platform® is designed to respond to the customer’s compliance requirements.
A frictionless approach to PSD2
One of the new payment requirements under PSD2 is the mandatory Strong Customer Authentication (SCA). This authentication method is based on the use of two or more elements categorized as knowledge (e.g. a password), possession (e.g. a mobile device) and inherence (e.g. a biometric, such as a fingerprint). While SCA helps to reduce fraud, it can also introduce friction to the user experience.
At XTN®, we believe that PSD2 should provide a smooth end user experience. By combining state-of-the-art SCA with risk evaluation and integrated exemption management, we obtain the lowest friction possible when the end user accesses a payment service.
XTN Cognitive Security Platform® fully complies with PSD2’s requirements regarding SCA and pays specific attention to the mobile endpoint and the report as prescribed by the regulation. We are able to trigger SCA using contextual risk score and evaluating exceptions in real time. Our Platform offers complete management of the SCA flow and our reporting console offers a detailed view of all parameters related to PSD2 auditing.
Download our whitepaper on PSD2 for more details about the impact of PSD2 on fraud prevention.
GDPR – privacy through endpoint protection
We think that end user privacy should be a central concern for any digital service. For XTN®, protecting user privacy means having a strong Digital Identity when accessing a user’s data and ensuring a secure Digital Posture when accessing critical services.
Data breaches can be prevented by protecting the endpoints used to access sensitive information. XTN® technology enables customers to have continuous and precise control of endpoint security, which provides adequate data protection. We also ensure a reliable and solid digital identity, a basis for interaction with the end user, without collecting sensitive data that would compromise user privacy.
Why endpoint protection is crucial for user privacy, is described in our whitepaper on malware.