PIF joins pan-European initiative to express grave concerns with the European Banking Authority’s proposal to tighten customer authentication for online payments
Latest EBA proposal introduces disproportionate security requirements to the detriment of consumers, merchants and issuers of prepaid products
LONDON (28 November, 2016) – The Prepaid International Forum (PIF), the not-for-profit trade association for the prepaid financial services sector, has today added its signature to a letter to Vice-President Dombrovskis at the European Commission that outlines the potential harms the EBA’s proposed Regulatory Technical Standards on Strong Customer Authentication under PDS2 will have on both consumers and payment services providers.
The letter, which has been signed by 39 European and national organisations representing the payments, cards, e-commerce, small merchants, ICT and digital technology, telecoms, foreign trade, and leisure and travel industries, questions the EBA’s prescriptive approach by mandating strong authentication for all remote payment transactions over EUR 10, regardless of their risk.
The letter details concerns that the EBA’s proposals “diverge from its mandate under PSD2 by not allowing for the risk-based approach to authenticate customers and authorise fraud” and “will result in an increase in consumer harm by reducing customer trust in their payment methods, the choices open to them and restricting competition.”
Further, the letter includes open-source evidence to argue that risk-based authentication has been used successfully by the payments industry for many years and is already effective at reducing fraud.
An Annex to the letter also uses evidence to argue that:
- Legitimate customer transaction rates decrease when Strong Customer Authentication is used, and
- PSD2 does not require Strong Customer Authentication on all transactions over EUR 10, as included in the Draft RTS
Finally, the letter calls on the EBA to comply with its mandate and the objectives of PSD2 by:
- Including an exemption for the PSP based on the “risk of the service provided” by the payer
- Explicitly acknowledging the right of merchants and their PSPs to adopt alternative methods of authentication for low-risk transactions.
PIF Chairman, Craig James said:
“This letter reveals the enormous amount of concern the EBA’s proposal has created across all stakeholders in the European e-commerce sector.
“PIF strongly urges the European Commission to support the development of a regulatory framework that acknowledges the continued efforts of PSPs to mitigate fraud risks, while ensuring convenience for customers.”
The letter can be viewed here: https://paymentsinnovationforum.org/wp-content/uploads/2016/11/Cross-industry-letter-to-Commissioner-Dombrovskis-re-EBA-strong-authentication-standards.pdf
###
NOTES TO EDITORS
About PIF
The Prepaid International Forum (PIF) is a principal trade association for the prepaid industry. We believe that prepayment is a responsible way to pay for goods and services, and that consumers should be confident in the security of prepaid services and the money that is stored on their behalf.
Established in 2006 as a not-for-profit organisation, PIF works closely with industry, regulators, government departments, consumer bodies and the media to promote understanding of prepaid as well as providing support and education to proponents of prepaid worldwide. To learn more about PIF visit www.paymentsinnovationforum.org
For further information
Diane Brocklebank
Prepaid International Forum
T: +44 (0) 7736 971 986