itsme^® delivers the strong mobile authentication solution required by the PSD2 directive

A new section of the European payments directive (known as PSD2) comes into effect on Saturday 14th September 2019. Of particular importance, PSD2 is aimed at ensuring greater security for transactions by providing strong authentication.

From 14th September onwards, all online payments in excess of €30 will require online retail sites to have two-factor authentication for their customers. Also known as “strong authentication”, this procedure requires online merchants to assure themselves of the identity of their customers through a combination of at least two of the following three factors:

• Knowledge: an item of information known only to the customer, such as a password or secret code

• Possession: an item owned by the customer, such as a smartphone or bankcard

• Inherence: a personal characteristic, such as a fingerprint or facial identification feature

In addition to the two factors enabling secure authentication, the directive also requires dynamic linking. This gives the consumer the option of receiving information about the nature of the transaction: the amount and the beneficiary.

Strong authentication consists of providing security to payments, as well as other online operations, such as authorising access to the user’s current account balance. While various solutions are available to e-commerce sites and banks, obviously it is in their interest to prioritise ways of making the process as smooth as possible for the consumer.

Which is precisely the aim of itsme^®: to provide Belgians with a method of authentication that is secure, transparent and easy to use – while at the same time keeping users in control of the information they choose to share and with whom.

Since its creation in 2017, itsme^® provides four services to Belgians: identification, authentication, confirmation and signature. Through the combination of a secret 5-digit code (knowledge factor) on a smartphone (possession factor), itsme^® offers a strong form of authentication of the customer, along with transparency that complies with PSD2 regulations. It’s what enables a person to approve an online transaction or access their bank account – simply, quickly and securely. On smartphones that enable it, entering a secret code can be replaced by fingerprint recognition (inherence factor).

A growing number of Belgian private companies and public services offer itsme^® to their customers and users. This enables them to benefit from all of the functionalities and benefits of itsme^®, while complying with European legislation and the PSD2 directive in particular.