• Read Gartner's Technology Insight for Biometric Authentication View Here

  • BehavioSec Announces More Continuous Authentication Features Read Press Release

  • BehavioSec CEO Neil Costigan Published in Security Boulevard Read the Story

Learn More »

Impacts of Payment Services Directory 2 (PSD2) Regulation on Behavioral Biometrics

  • Neil Costigan
  • Blog
  • Share

Since the European Banking Authority published their recent words on Behavioral Biometrics and Payment Services Directive 2 (PSD2) I thought I’d take this opportunity to try and break it down further.

What is the Payment Services Directive 2?

The Payment Services Directive is an EU Directive by the European Banking Authority (EBA) and the European Commission (Directorate General Internal Market). The Payment Services Directive (PSD) first went into force December 2007 and was updated with the Payment Services Directive 2 (PSD2) in 2015 with safer and more innovative rules aimed to better protect consumers when they use digital channels. The EBA recently published an opinion on the need for Strong Customer Authentication (SCA) and included Behavioral Biometrics as an accepted inherence factor.

Payment Service Providers (PSPs) and financial institutions need to devise an authentication method that uses two elements:

  • one element categorized as knowledge (such as a password)
  • and one as inherence (such as behavioral biometrics)

If the PSP does not provide strong customer authentication, then the customer will not incur any financial losses unless the customer has acted fraudulently.

What is Behavioral Biometrics?

Human gestures can be repeated in ways that may look similar to the naked eye. However, when they are measured by a behavioral algorithm, they appear entirely distinct. The way people hold, swipe, or type on a screen or keyboard varies greatly from person to person when analyzing the individual factors that comprise a swipe or a keystroke. Behavioral Biometrics authenticates true identities continuously by directly extracting unique human signals from interactions with mobile and web apps. In contrast, legacy authentication systems offer a one-time verification, primarily focused on verifying things that infer user identity.

With Behavioral Biometrics monitoring how interactions are made, we can keep your accounts more secure than ever before. All of this is monitored throughout the session so that security is an ongoing process, not merely a step-up or initial login. With Behavioral Biometrics, we can make the human factor, traditionally the weakest link of security, into the strongest link. For more information on Behavioral Biometrics, check out our website at https://www.BehavioSec.com

How can Behavioral Biometrics Help with PDS2?

BehavioSec’s Behavioral Biometrics platform keeps your digital identity safe from things like account takeover fraud, Remote Access Tools (RATs), malware, and technical support scams, while fulfilling the inherence demands throughout the whole user journey. Here are four quick reasons why BehavioSec is perfect as an additional layer of authentication:

  1. BehavioSec’s solution maintains a world leading behavioral accuracy, throughout the full user journey, both on mobile and web channels.
  2. BehavioSec’s solution is a mature proven way of protecting digital identities, handling billions of transactions every year, across the world.
  3. BehavioSec’s solution is transparent and frictionless, allowing you to get world class security while maintaining your rich digital experience.
  4. BehavioSec’s solution is flexible, both in easily scalable on-premise or cloud-based hosting and actionable through a powerful API feed.


If you found this interesting and want to read more about BehavioSec and PSD2 guidelines you can read our recent press release or schedule a product demonstration today by visiting our website, https://www.behaviosec.com/request-a-demo/.