Webinar Recording

The Clock is Ticking: Rethink PCI 2.0 Compliance

Show description
Speakers
Tom Arnold
Principal
Payment Software Company
Tom Arnold
Tom Arnold is a partner with Payment Software Company™, Inc. (short PSC; www.paysw.com ), a firm specializing in payment systems, security, and compliance for companies that accept or process consumer payments. Mr. Arnold has had experience as a Vice President of Engineering and Chief...
View profile
Dr. Torsten George
VP Worldwide Marketing
Agiliance
Dr. Torsten George
Torsten George is a marketing leader with more than 17 years of global experience in promoting security software and network equipment products. Based on his vision and superb technology and market foresight he has become a frequent speaker at industry events and resource for byline articles and...
View profile
Dave Kearns
Senior Analyst
KuppingerCole
Dave Kearns
Dave spent 10 years as a network manager, ending up as Information Services Manager for the former Thomas-Conrad Corporation (now part of Compaq ). In 1987, he was a founding SysOp of Novell's Novell Support Connection service on Compuserve and served as the first president of the Association...
View profile
Lead Sponsor
Agiliance Inc.
Top related content
Event Recording
EIC 2012 Session: Security for Virtualized Environments, Privileged Users and PCI Compliance
May 15, 2012

Guy Balzam, CA Technologies
Stephan Bohnengel, VMware
Giovanni Ciminari, Telecom Italia

April 19, 2012 14:30

Event Recording
Martin Kuppinger - Findings from a Recent KuppingerCole Study on PSD2 Readiness
Mar 08, 2017
Webinar Recording
Game On: Managing Multi-Regulatory Compliance
Sep 17, 2011

KuppingerCole Webinar recording

Event Recording
Beware of Easy Paths: The Journey Towards NIS2 Compliance
Nov 15, 2023

Matthias offers a critical analysis of the EU's NIS2 Directive's intricate demands, drawing attention to the limitations of one-size-fits-all solutions. He advocates for customized compliance plans, underscoring the unique challenges across various entities, with special attention to the constraints faced by SMEs. And obviously the future interpretation of this EU directive into national regulation adds another layer of complexity.

Essential strategies such as comprehensive risk evaluations, continuous educational efforts, and advanced incident management protocols are emphasized as crucial for effective compliance, integrating cybersecurity deeply into the organization's core values beyond just adherence. The talk concludes with a perspective that views NIS2 compliance as a dynamic goal necessitating enduring dedication and flexible approaches. 

Event Recording
How to Work Together in a Privacy Preserving Way to Mitigate Risks
Dec 21, 2017

Panel at the Consumer Identity World 2017 APAC in Singapore

Webinar Recording
Revised Payment Service Directive: Understanding Its Technical Requirements for a Smooth and Secure Customer Experience
Nov 17, 2017

When PSD2 takes effect, banks across the European Union will be required to expose their core banking functions to these TPPs via APIs. It is imperative that banks begin now to build and lock down APIs in preparation for PSD2. We will take a look at the Open Banking APIs as well as some other competing API offerings, and discuss API security methods.

Strong Customer Authentication (SCA) is a 2nd primary technical requirement of PSD2. Banks and TPPs both must provide mechanisms to do at least 2-Factor Authentication for their customers. Risk adaptive authentication is preferred. Additionally, PSD2 states that financial transaction processors must employ User Behavioral Analytics for higher assurance outside of the SCA requirements.

Webinar Recording
Prepare for PSD2 with Strong Customer Authentication, Fraud Risk Management and Open Banking APIs
Sep 13, 2018

Banks will soon have to comply with the Revised Payment Service Directive, commonly called "PSD2." The directive will introduce massive changes to the payments industry and radically alter the user experience for customers of European banks by allowing third party payment service providers (TPP) to access their account information to provide various innovative financial services. But to mitigate risk, banks and TPPs must address the core regulatory technical requirements outlined by PSD2.

Event Recording
Mike Small - PSD2 – Does the RTS Prohibit Secure Customer Authentication?
Mar 09, 2018

On January 13th, 2018 a new set of rules for banking came into force that open up the market by allowing new companies to offer electronic payment services.  On November 27th, 2017 the European Union published and press release and a draft Regulatory Technical Standard (RTS) on strong authentication.

On the one hand the press release says that – “thanks to PSD2 consumers will be better protected when they make electronic payments or transactions because the RTS makes strong customer authentication (SCA) the basis for accessing one's payment account, as well as for making payments online”.  However, the RTS explicitly excludes preventing Payment Service Providers (PSP) from using the customer account credentials or imposing redirection to the Account Service Provider for authentication.

This session will discuss the security implications of this RTS on the use of proven industry standards such as OpenID and SAML as part secure authentication for open banking.

Webinar Recording
Architecting a Digital Strategy for PSD2 and Open Banking
May 18, 2017

PSD2 and the Open Banking Standard are regulatory mandates being applied to the banking industry by the European Banking Authority (EBA) and Competition & Markets Authority (CMA) across Europe and in the UK respectively. The regulations require that banks operating across the region expose open APIs to allow other banks and third parties to access the data they hold on customers, when the customer has given their explicit consent. Designed to improve choice for customers, create more competition and stimulate innovation in the finance sector, the introduction of 'open banking' in the UK and across the EU will transform banking as we know it.