We take a look at a number of payment-related publications. Let's focus on fraud.
The EBA anticipates an increase in fraud levels on instant payments until all PSPs in the Euro zone support verification of the beneficiary's name against the IBAN. To actively combat the 3 types of fraud characterized by the EBA, i.e. payer manipulation, mixed social and technical engineering scams, and compromise of the registration process, the EBA is issuing 5 recommendations that will impact the PSPs of the payer or the payee if adopted in the PSD3 / PSR package. These include, in particular, measures to clarify the notion of gross negligence as a means of shifting responsibility for fraud onto the payer, and the introduction of a single EU-wide platform to increase cooperation between all PSPs in sharing fraud data and patterns.
Since June 2024, the Banque de France has been imposing specific measures for remote card payments without strong customer authentication (SCA), where the fraud rate is twice as high as with strong authentication. The most stringent measure is to limit the MOTO payments a cardholder can make at a single merchant to €100 per 24 hours.
The CNIL reiterates that the implementation of multifactor authentication (MFA) must comply not only, where applicable, with PSD2/RTS obligations but also with GDPR requirements. It therefore wants players to always be able to justify the purpose of data collected for MFA, reminds them of the need to protect the authentication factors selected, and insists that profiling based on personal data (transaction trail, purchasing behavior, etc.) to reinforce MFA cannot give rise to a fully automated "decision".
EMVCo has published a new version 1.0 of its white paper, designed to facilitate technical understanding and proper use of the essential functions of the 3D Secure protocol. Three topics are covered, with concrete details on the 3DS data used, its interpretation by the Issuer, and the possible impact on the cardholder's side:
- 'Device Binding & Trust Listing' (to improve ACS risk analysis and the Frictionless rate),
- 'Out-Of-Band authentication' and
- 'Recurring & Instalment Transactions'.
For more information, or if you would like to receive our complete watch, please write to us: contacteznous@oaklen.eu