IBM Security Trusteer

 View Only

IBM Trusteer Pinpoint Verify and PSD2: Dynamic linking use case

  • 1.  IBM Trusteer Pinpoint Verify and PSD2: Dynamic linking use case

    Posted Mon April 08, 2019 11:48 AM
    Edited by Jennifer Tullman-Botzer Wed April 10, 2019 05:34 AM
    An interesting point in the EU PSD2 payment services directive (1) regards the need to provide the payer with a unique authentication code on a separate channel to confirm risky transactions. The authentication content needs to include key transactional information, such as target payee and amount. This technical requirement is also known as "dynamic-linking." (2)

    The challenge here is to link authentication capabilities with transactional information through a second device, not the device used to initiate the transaction.

    IBM Trusteer Pinpoint Verify answers this requirement for dynamic linking. Pinpoint Verify enables the organization to push a real-time notification to its customers over the mobile channel. Here's how it works: When a customer initiates a transaction that requires authentication, Pinpoint Verify communicates with the bank's application and sends the customer a notification message containing all the information required to enable that customer to determine if it is indeed a legitimate transaction in process. The customer then replies to the message, approving or rejecting the transaction This use case is relevant for many industries vulnerable to transactional fraud, including banking, retail and more.

    Click here to learn more about Pinpoint Verify capabilities.

    References:
    (1) https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32015L2366&from=EN
    (2) https://eba.europa.eu/documents/10180/1761863/Final+draft+RTS+on+SCA+and+CSC+under+PSD2+%28EBA-RTS-2017-02%29.pdf

    ------------------------------
    Assaf Ezov
    ------------------------------