Our latest insights

How Okay Can Help with PSD2 RTS SCA Compliance

Share this post


Okay started its compliance journey back in 2015 with our first security evaluation. As this was before the PSD2 was finalised, the target of the evaluation was to meet the European Central Bank’s “Recommendations for the Security of Internet Payment.” These recommendations were perhaps the first official documents where the term “Strong Customer Authentication” (SCA) was used.

Recently, we did a similar evaluation against the RTS, also known as the “Regulatory Technical Standards on Strong Customer Authentication and Secure Communication Under PSD2” (2017), which was also a success. For both evaluations, we followed the same four-step methodology:

  • Build a formal model of the Okay solution
  • Go through the requirements paragraph for paragraph
  • Evaluate whether the requirement was relevant for SCA
  • Verify if the requirement was fulfilled by the model

But why did we do these evaluations? Of course they are required. But you can also use the evaluations to help uncover issues and design challenges, proving to your customers that the security your solution provides meets compliance standards, is well tested, and strong.

Where Can Okay Help?

As a technical provider, Okay’s primary goal is to help with securing authentication and transaction authorisations, including all the technical requirements that follow once that has been done.

We also help you meet your compliance requirements by sharing documentation produced by internationally recognised independent third parties. This allows you to create both declarations of conformity and security reports, demonstrating your regulatory requirement compliance to auditors and supervisory authorities.

Read the full article at okaythis.com/blog.

Who is Okay?

Okay is the fully PSD2 compliant Strong Customer Authentication platform that provides transaction and authentication security to apps, shielding the entire authentication process from any threats. We help all issuers, remittance services, and e-wallet providers comply with PSD2’s SCA requirements to deliver multiple authentication methods, including biometrics and strong security mechanisms at the point of transaction. Want to get to know us better? Visit okaythis.com.

More To Explore