
Had an interesting update on PSD2 (the EU Payment Services Directive) from Jeremy King (International Director, PCI Security Standards Council) during the latest quarterly PCI UK Merchants Working Group meeting yesterday.

PSD2 recommendations and standards apply to all payment service providers offering internet payment services.

This includes internet card payments (including virtual cards and card data registered in e-wallets), online credit transfers and ACH/direct debit internet payments. In essence, this covers the evolving 3-D Secure systems (aka Super 3D).

Key aspects are the need for an Annual Security and Risk Assessment and the fact that breach notifications have been made mandatory. In the UK, the FCA will be the authority for PSD2, although the ICO (Information Commissioner's Office) may also be involved for breach accountability.

Current plans appear to be that, when the EU Presidency passes from Italy to Latvia in 2015, the pilot implementation for PSD2 will be run in Latvia. A 2-year trial period has been proposed, with EU-wide enforcement thereafter in 2017.

However, the European Banking Authority and the ECB have also just announced that they will be using the latest SecuRe Pay (the European Forum for the Security of Retail Payments) recommendations, and have agreed to issue guidelines based on those recommendations, which will enter into force in August 2015.

Either way, for European internet payment service providers, greater legislation and governance requirements are coming soon.
