ECB has published a set of recommendations aimed at improving the security of internet payments. There are 14 recommendations based on four guiding principles:

  • payment service providers (PSPs) should carry out and regularly update risk assessments on provision of internet payment services;
  • generally, internet payment services should be initiated by strong customer authentication;
  • PSPs should implement effective authorisation and monitoring procedures; and
  • PSPs should engage in customer awareness and education programmes.

(Source: ECB Recommendations for the Security of Internet Payments)