- TYPE: Expert Talk DATE: Wednesday, May 16, 2018 TIME: 17:30-18:30 LOCATION: WINTER GARDEN
The new Payment Services Directive 2 is compelling European banking actors to open their services to outside partners. Most banking actors were not fully ready for the exposition of the services that were, until then, strongly kept for inside use. Some initiatives such as Open Banking(UK) and STET(FR) have established OAuth2 as the main standard for authentication, authorization and user consent. However all requirements cannot be directly addressed by the current state of the specifications. Despite some additions by the Financial API initiative such as TLS certificate authentication a few issues still elude the standards
Is there a way to handle out-of-band authentication for the user without forcing multiple redirections on his device? What implementation of OAuth2 can bring an answer for business-driven authentication step-up at run time and transaction-based authentication? Is there a way to make the user experience simpler and lighter during authentication and avoid window flickering on mobile devices but keep the right security level?
In this session we will explain PSD2 requirements on customer authentication and what it implies for banks and we will also shine light on some of the answers that were brought when the standards came short.
- What does PSD2 require from European banks regarding identity security?
- How can the OAuth2 and OpenID standards answer those requirements and what are they coming short for?
- What answers have been found to those limitations?
PSD2 will revolutionize the portability of Identity not only for the banking industry but for everyone. While the intent is to increase participation in the payments industry but architecting for PSD2 will change the way consumer identity is shared, protected and self-managed. In this session, we will explore the requirements of PSD2, best practices for achieving these requirements and we will demonstrate a testbed for PSD2 that can enable fast adoption.
In an era of fake news, data breaches, and the GDPR, earning consumers’ trust is a “must.” Come to this session to discover the SAP Customer Data Cloud from Gigya, your comprehensive solution for capturing consent and preferences, enabling customer control of personal data, and turning consumer data privacy into your market advantage.
- Registration fee:
- Contact person:
Mr. Levent Kara
+49 211 23707710
- May 15 - 18, 2018 Munich, Germany