Our latest insights

How Okay Can Help with PSD2 RTS SCA Compliance

Share this post

How Okay Can Help with PSD2 RTS SCA Compliance


Okay started its compliance journey back in 2015 with our first security evaluation. As this was before the PSD2 was finalised, the target of the evaluation was to meet the European Central Bank’s “Recommendations for the Security of Internet Payment.” These recommendations were perhaps the first official documents where the term “Strong Customer Authentication” (SCA) was used.

Recently, we did a similar evaluation against the RTS, also known as the “Regulatory Technical Standards on Strong Customer Authentication and Secure Communication Under PSD2” (2017), which was also a success. For both evaluations, we followed the same four-step methodology:

  • Build a formal model of the Okay solution
  • Go through the requirements paragraph for paragraph
  • Evaluate whether the requirement was relevant for SCA
  • Verify if the requirement was fulfilled by the model

But why did we do these evaluations? Of course they are required. But you can also use the evaluations to help uncover issues and design challenges, proving to your customers that the security your solution provides meets compliance standards, is well tested, and strong.

Where Can Okay Help?

As a technical provider, Okay’s primary goal is to help with securing authentication and transaction authorisations, including all the technical requirements that follow once that has been done.

We also help you meet your compliance requirements by sharing documentation produced by internationally recognised independent third parties. This allows you to create both declarations of conformity and security reports, demonstrating your regulatory requirement compliance to auditors and supervisory authorities.

Read the full article at okaythis.com/blog.

Who is Okay?

Okay is the fully PSD2 compliant Strong Customer Authentication platform that provides transaction and authentication security to apps, shielding the entire authentication process from any threats. We help all issuers, remittance services, and e-wallet providers comply with PSD2’s SCA requirements to deliver multiple authentication methods, including biometrics and strong security mechanisms at the point of transaction. Want to get to know us better? Visit okaythis.com.

More To Explore

Login or Register

Don't have an account?

Are you part of the Payments Association community?

Not yet set up your login for the Payments Association Community Platform? Set it up now

Set up a free account for instant access to our content

You don’t need to be an Payments Association member to view the majority of our content. Simply enter your details below once to set up your login details and get access to our library of whitepapers, podcasts, consultation papers, webinars and more.

First Name*
Last Name*
Company Name*
Job Title*
Business Email Address*
Confirm Password*
The Payments Association exist to help drive the industry forward. As such the Payments Association may contact you about any future content or events that we think you may have a legitimate interest in. We will store your information securely and will never share your details with third parties other than the relevant resource(s) sponsor(s)/curator(s). You may opt out at any time. By clicking register you are agreeing to the terms of our Privacy Policy.

← back