PSD2, SCA, WTF?

Explore the European Payment Services Directive (PSD2) regulation and its Strong Customer Authentication (SCA) requirements in this 29-minute conference talk from GOTO Amsterdam 2019. Gain insights into the implications for businesses processing financial transactions over €30. Understand the types of multi-factor authentication needed for compliance, including dynamic linking. Learn about implementation options such as offline TOTP and SMS. Discover actionable steps to achieve SCA compliance and understand the balance between security and user friction. Leave with a clear understanding of PSD2, SCA, and their impact on secure software development in the financial sector.

Introduction
Background
Regulatory Requirements
Dynamic Linking
Security Requirements
Implementation Options
Offline TOTP
SMS
Friction