Facebook Twitter LinkedIn

PSD2

Expert Talk
Wednesday, May 16, 2018 17:30—18:30
Location: WINTER GARDEN

Extending OAuth2 to meet PSD2 Identity Security Requirements

The new Payment Services Directive 2 is compelling European banking actors to open their services to outside partners. Most banking actors were not fully ready for the exposition of the services that were, until then, strongly kept for inside use. Some initiatives such as Open Banking(UK) and STET(FR) have established OAuth2 as the main standard for authentication, authorization and user consent. However all requirements cannot be directly addressed by the current state of the specifications. Despite some additions by the Financial API initiative such as TLS certificate authentication a few issues still elude the standards

Is there a way to handle out-of-band authentication for the user without forcing multiple redirections on his device? What implementation of OAuth2 can bring an answer for business-driven authentication step-up at run time and transaction-based authentication? Is there a way to make the user experience simpler and lighter during authentication and avoid window flickering on mobile devices but keep the right security level?

In this session we will explain PSD2 requirements on customer authentication and what it implies for banks and we will also shine light on some of the answers that were brought when the standards came short.

Key Takeaways:

Extending OAuth2 to meet PSD2 Identity Security Requirements
Presentation deck
Extending OAuth2 to meet PSD2 Identity Security Requirements
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Michel Girier
Michel Girier
Wavestone
I graduated from Supelec, with a major in network and systems security. I have been working as a consultant for Wavestone the French Wavestone consulting firm for 12 years, in security matters...

PSD2 Finally Enforced – Here is How to Get Started

PSD2 will revolutionize the portability of Identity not only for the banking industry but for everyone. While the intent is to increase participation in the payments industry but architecting for PSD2 will change the way consumer identity is shared, protected and self-managed. In this session, we will explore the requirements of PSD2, best practices for achieving these requirements and we will demonstrate a testbed for PSD2 that can enable fast adoption.

PSD2 Finally Enforced – Here is How to Get Started
Presentation deck
PSD2 Finally Enforced – Here is How to Get Started
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Jordi Gascon
Jordi Gascon
CA Technologies
Jordi Gascon is a Senior Presales Director for Cibersecurity at CA Technologies EMEA. His responsibility covers working with CA sales and delivery groups across the EMEA region to analyze and...

The Customer: Your New Boss Under the GDPR

In an era of fake news, data breaches, and the GDPR, earning consumers’ trust is a “must.” Come to this session to discover the SAP Customer Data Cloud from Gigya, your comprehensive solution for capturing consent and preferences, enabling customer control of personal data, and turning consumer data privacy into your market advantage.

Yaron Gur-Ari
Yaron Gur-Ari
Gigya
Yaron joined Gigya, now a part of SAP, in 2017 and headed product strategy for the company's enterprise preference and consent management solution. He has over 18 years of experience in senior...
Subscribe for updates
Please provide your email address