On September 28, 2020, the Security & Trust Unit held the webinar “Strong Customer Authentication for the PSD2: security issues and possible mitigations to share with end users”, in the context of the Digital Finance Academy for Security within the FINSEC European Project.
The webinar deals with authentication and authorization protocols in the financial scenario from a security perspective. First, we focus on the Payment Services Directive 2 (PSD2) and its consequences on accessing payment accounts online or initiating electronic payment transactions. For this, we give an overview of the pros and cons underlying the Strong Customer Authentication (SCA) processes introduced by this directive and then analyze real protocols before and after the adoption of the PSD2 to highlight the benefits in terms of security (if any). Finally, we provide financial institutions with a list of best practices and security suggestions to share with their end users, to make them aware of common attacks such as phishing and malware.
The recording of the webinar can be found below:
Related Project
- FINSEC (Integrated Framework for Predictive and Collaborative Security of Financial Infrastructures)
Related Publications
-
Federico Sinigaglia, Roberto Carbone, Gabriele Costa, Silvio Ranise
MuFASA: A Tool for High-level Specification and Analysis of Multi-factor Authentication Protocols
In: Emerging Technologies for Authorization and Authentication (ETAA 2019) (DOI, complementary material, news)
