EBA consults on implementation of guidelines on internet payments security

On 20 October 2014, the European Banking Authority (EBA) published a consultation paper on the implementation of draft EBA guidelines on the security of internet payments prior to the transposition of the revised Payment Services Directive (PSD2). The draft guidelines are based on the recommendations of the European Forum on SecuRe Pay and are organised into three categories:

  • general control and security environment of the platform supporting the internet payment service
  • specific control and security measures for internet payments
  • customer awareness, education and communication.

The deadline for responses was 14 November 2014.

What this means for you

Although the deadline for responses has passed, payment service providers and the relevant market participants may want to look at the documents accompanying the draft guidelines which include best practice examples that they are encouraged to adopt. The EBA intends to publish a feedback statement with the final guidelines "soon thereafter". The guidelines will enter into force in August 2015.