The deadline for initial notification has been significantly extended from 2 to 4 hours following identification of the incident. Due to reorganization of the three notification types, it is no longer necessary to provide as much information in the initial and interim notifications. This is due to the newly introduced “completion” of the notification forms, meaning that only the final report needs to contain all information pertaining to the incident. The criteria previously referred to as “Level 1” and “Level 2” proved insufficiently self-explanatory and have been replaced by the terms “Lower Impact Level” and “Higher Impact Level.” For the Higher Impact Level criterion, the number of transactions concerned has been increased from one million to five million euros.

Continue

The EBA public hearing on Regulatory Technical Standards, specifying the requirements on strong customer authentication and common secure communication under PSD II, took place on September 23. The public hearing is an integral part of the consultation phase and regularly provides a summary of the initial consultation phase, as well as an insight into how the RTS are likely to shape up. Starting with the main points of development concerning RTS, which are reflected in the Consultation Paper [compare “Customer Authentication for Cashless Transactions: Impacts of the New RTS (Regulatory Technical Standards) under PSD II“ post], the major points of discussion during the hearing are detailed below.

Continue

The regulator urges various initiatives for financial institutions to create access to data and information by third parties, whose seclusion is not justified. Details of this market opening in the financial industry, fostered by the Payment Service Directive PSD II, have been specified in two major points recently published as “RTS” (Regulatory Technical Standards) by the EBA: strong customer authentication and secure communication for electronic payment services. These regulations have major consequences on the current standards and established processes with cashless transactions.

Continue

If we consider that 40 percent of global value creation is already based on information and communications technology, it is clear that secure and sound IT infrastructures will be an important factor in selecting a business location in the future. With Germany’s cyber security strategy, the German government is pursuing the goal of guaranteeing cyber security at the highest level, establishing Germany as one of the most secure digital locations in the world.

Continue