PSD2 breaks up the ways in which banks do their business, by forcing them to open up their APIs. By doing so, PSD2 challenges the way in which data was traditionally secured in banks.
In this article, we will have a deeper look at the aspect of authentication in the context of PSD2. We will first categorize the authentication challenges immanent to distributed systems. Then, building on NIST’s authentication reference model, we suggest an extended model that caters to the challenges in a distributed context. With this distributed authentication model, we want to provide a common language for the context, and a common understanding of the dimensions of the value flow in such composite systems. We want to be able to most accurately describe the relay of the user's identity through the various atomic services (the individual services which compose a composite service).Read more