PSD2 Compliance

nCipher can help your organization keep sensitive data secure in the PSD2 environment

Regulation

Active now

PSD2 Compliance

The data security requirements of PSD2 are still evolving and are expected to call for a suite of industry best-practice solutions combining better security with high user satisfaction levels.

nCipher can help organizations prepare for and comply with PSD2 by delivering cryptographic services as a shared network resource for distributed applications and virtual machines.

EU's Payment Services Directive

According to the European Commission:

The [current] Payment Services Directive (PSD) was adopted in 2007. This legislation provides the legal foundation for an EU single market for payments, to establish safer and more innovative payment services across the EU. The objective is to make cross-border payments as easy, efficient and secure as 'national' payments within a Member State.

PSD2

Also according to the European Commission:

The Commission proposed to review the PSD to modernise it to take account of new types of payment services, such as payment initiation services ....

....

[PSD2's] main objectives are to:

  • Contribute to a more integrated and efficient European payments market
  • Improve the level playing field for payment service providers (including new players)
  • Make payments safer and more secure
  • Protect consumers
  • Encourage lower prices for payments
....

To make electronic payments safer and more secure, PSD2 introduces enhanced security measures to be implemented by all payment service providers, including banks. The EBA will develop specific and objective security standards to that end.

PSD2 Security directives and regulations are written at a high level and the detailed implementation is being left to the industry. However, data security regulations related to PSD2 will almost certainly be subject to the same stringency as the General Data Protection Regulation (GDPR).

The inherent data-security challenge industry observers see in PSD2 is that of strengthening security to reduce fraud while not causing too much disruption to the end user experience.

nCipher nShield Hardware Security Modules (HSMs)

The nShield Connect series delivers cryptographic services as a shared network resource for distributed applications and virtual machines. This gives organizations a highly secure solution for establishing physical and logical controls for server-based systems. Fully supporting the Thales Security World architecture, the Connect series provides an ideal combination of high assurance and operational ease. The solution makes it easier for organizations to define and enforce security policies, such as access control and separation of duties, while automating burdensome and risk-prone administrative tasks including back-ups and compliance reporting.

SafeSign

SafeSign is a scalable server application for nCipher nShield HSMs. It facilitates quick and secure deployment of digital signature solutions and helps ensure that digital signing processes are implemented in accordance with the latest industry standards. The strong key partitioning functionality of nShield HSMs is used in conjunction with the secure client connection capability of SafeSign to reduce the risk of fraudulent use of the digital signature capability. SafeSign provides high levels of flexibility by supporting a wide range of server platforms while simplifying integration with leading PKIs and offering a choice of implementation options to suit a variety of digital signing requirements.

Brochures : nCipher nShield Family Brochure

The nCipher nShield family of general purpose hardware security modules (HSMs) enhances the security and performance of server-based applications that handle your most sensitive data. nShield HSMs protect the keys...

Download

Other key data protection and security regulations

eIDAS

eIDAS

Regulation

Active Now

The eIDAS regulation has been developed to establish a single European market for secure electric commerce, impacting any organisation that handles online transactions with European citizens.

Learn More

PSD2

PSD2

Regulation

Active Now

The data security requirements of PSD2 are still evolving and are expected to call for a suite of industry best-practice solutions combining better security with high user satisfaction levels.

Learn More
Contact a Compliance Specialist Contact Us
Read the Compliance and Regulations Solutions Handbook Read the eBook
Want to be part of our team? Explore
Get in contact with a specialist Contact Us