THE PSD2 CHALLENGE

Banks and Payment Service Providers (PSPs) operating in Europe are required to comply to Payment Services Directive (PSD2) regulations issued by the European Banking Authority (EBA) to protect customers.

In particular, PSD2 requires adoption of Transactional Risk Analysis (TRA) mechanisms to detect in real-time a number of risk factors in a user session and thus minimize the risk of mistaken or fraudulent transactions. 

The cost of not implementing PSD2 compliance before the the approaching deadline can be dire, both in terms of penalties and brand reputation. Nevertheless, achieving PSD2 compliance with traditional Fraud Management solutions presents several challenges, including:

1. Missing malware detection capabilities for detecting signs of malware infection, either "during the authentication phase" or in any other phase.

2. Rrequired application changes that impact application development and thus adversely affect the ability to deliver new business functions.

3. Long implementation time and huge implementation effort caused by both solution complexity and available integration approach. 

HOW CLEAFY HELPS

Cleafy protects online services and customers against the most advanced attacks from infected web and mobile endpoints. Cleafy detects in real-time advanced threats and account takeover, identity hijacking, transaction tampering and payment frauds scenarios. Moreover, Cleafy provides threat protection capabilities and effectively supports an adaptive threat response approach.

Cleafy makes it possible to become PSD2 compliat by quickly implementing all required Transactional Risk Analysis (TRA) mechanisms:

1. Deteministic malware detection identifies in real-time any sign of malware infection in all session phases, even before user authentication.

3. Behavioural and transactional analysis identifies any anomalous behaviour, including abnormal spending pattern and payee location.   

4. Passive application monitoring approach neither requires any application changes nor impacts the application delivery architecture. 

Once deployed, Cleafy delivers immediate benefits, both in terms of reduction of online frauds and improved efficiency of the security team.