The PSD2 - Directive and Distributed Authentication

PSD2 breaks up the ways in which banks do their business, by forcing them to open up their APIs. By doing so, PSD2 challenges the way in which data was traditionally secured in banks.

Read more

Connecting Europe - eInvoicing and eIDAS

The EU has launched a number of initiatives to realize the aim of creating a unified Digital Single Market. The Connecting Europe Facility (CEF) is a funding instrument that provides the primary thrust for this initiative. The CEF uses certain underlying building blocks (known as Digital Service Infrastructures) to achieve this objective of providing an interconnected and unified marketplace.

Read more

Digital Identity and eIDAS in Banking

The eIDAS Regulation lays the groundwork for creating a robust digital identity framework. The idea is to provide EU citizens with a secure, robust and universal electronic identification that they can use to access private and public services anywhere within the EU.

One sector that is lapping up the new opportunities that eIDAS offers is banking. 

Read more

eIDAS and the Regulatory Technical Standards for Strong Customer Authentication

Last November saw the adoption of the Delegated Regulation on Regulatory Technical Standards (RTS) by the European Commission. The objective of this regulation is to provide for Strong Customer Authentication (SCA) and establish secure channels of communications.

Read more

Differences between Hash functions, Symmetric & Asymmetric Algorithms

Cryptographic algorithms can be categorized into three classes: Hash functions, Symmetric and Asymmetric algorithms. This article sheds light on their differences, purpose and main fields of application.

Read more

Digital Identity - How Social Media Is Changing How We Authenticate Our Identity

Throughout the last decade, social media has played a vital part in our lives and has significantly shaped the younger generations. Read more

Using 3D-Secure and Device Fingerprints for EMV Payments Against CNP Fraud

Credit cardholders are generally protected from liability if unauthorized transactions are made with their credit cards because of consumer protection laws and card policies. This leaves merchants and financial institutions on the hook for losses related to credit card fraud. According to an October 2016 Nilson Report, card issuers were burdened with 72 percent of fraudulent losses in 2015 while merchants were left with 28 percent of the losses.

Read more

HTTPS Encryption and Attacks on Authentication in Remote Banking Services - a Russian Perspective

Read the Russian Version Шифрование HTTPS

This article discusses the secure HTTPS Protocol intended for web-resources and its principles of operation as well as its strengths and weaknesses. It explains how attacks on HTTPS may lead to traffic being decrypted, particularly in systems for remote banking services and personal logins to web-resources.

Read more

Is non-repudiation really non-repudiable with digital signatures?

What does non-repudiation mean? Repudiation means to reject or deny the validity of something. Non-repudiation is a legal concept that is widely used in information security. It refers to any service, which provides proof of the origin of data and the integrity of the data. In other words, non-repudiation makes it very difficult to successfully deny who/where a message came from as well as the authenticity of that message.

Read more