University of Twente Student Theses


Balanced, as all things should be: PSD2 and cybersecurity risks

Chivulescu, Dragos-Marian (2021) Balanced, as all things should be: PSD2 and cybersecurity risks.

[img] PDF
Abstract:The revised Payment Services Directive (PSD2, Directive (EU) 2015/2366) came in full effect in the EU after the extended deadline for implementing Strong Customer Authentication has passed on 31st December 2020. One objective of PSD2 was to make e-payments safer and more secure. An asymmetry can be observed here. On one hand, traditionally, financial institutions such as banks presented advanced security measures, due to them being highly regulated and having to comply with different industry standards. This was the status quo in an environment where banks had full control over the systems the users interacted with and the data the clients used. On the other hand, new companies such as FinTechs lack cybersecurity maturity but can compensate on being more user-centric than the market incumbents. FinTechs however had little to no bargaining power in a market controlled by banks. PSD2 changed that, at the same time the regulatory technical standards associated with PSD2 disrupting many organizations and forcing them to develop new systems and processes, which can be vulnerable to cyber attacks. The mandated use of APIs and qualified certificates raises as a novelty in the industry. The cybersecurity aspect of these changes is important, as cyber crime continues to be on the rise. A question arises: has PSD2 improved the cybersecurity for the organizations that have to comply with it, given the new reality?
Item Type:Essay (Master)
EY Netherlands
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science MSc (60300)
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page