Leadership Brief

The Anti-Malware Requirement in PSD2

The Revised Payment Service Directive (PSD2) mandates that service providers evaluate transaction requests for signs of malware infection. In order for transactions to be considered low-risk, there must be no signs of malware infection in any sessions of authentication events.

John Tolbert


1 Recommendations

All parties to financial transactions under PSD2, including Account Servicing Payment Service Providers (ASPSPs) and Third-Party Providers (TPPs) will be required to detect and mitigate signs of malware infection in transactions. Malware, particularly of the credential stealing variety, is a significant problem in the realm of financial transactions. The malware detection clause in PSD2 aims to reduce financial transaction risk.

ASPSPs and TPPs will need to deploy anti-malware tools at various points within their architectures to meet this requirement:

Full article is available for registered users with free trial access or paid subscription.

Register and read on!

Sign up for the Professional or Specialist Subscription Packages to access the entire body of the KuppingerCole research library consisting of 700+ articles.

I have an account
Log in  
Register your account to start 30 days of free trial access
Subscribe to become a client
Choose a package