PSD2 and strong customer authentication
The deadline for EU member states to implement PSD2 is January 2018. This mandates that banks open up access to certain of their services to third parties and mandates that strong customer authentication (SCA) is used to assert identity when accessing these services or performing risky functions – eg making a payment.
GDPR penalties for data breach
The GDPR applies from May 2018 and governs, amongst other things, the way in which personal information, including security credentials, should be looked after. Failure to comply could give rise to