In August 2015, the new rules for the security of online payments came into force in the European Union, in accordance with the regulations, adopted by the European Central Bank and the European Agency for Banking Supervision.
These regulations, binding both for financial institutions and regulators, describe the basic principles and approaches to ensure the security of online payments and mobile payments, which are not subject to the PCI DSS requirements, regulating the safety of payments through bank cards. The need for this document is obviously long overdue, because, in recent years, a large number of alternative payment systems has developed, where it is not necessary to use bank cards or where a bank card does not come into direct contact with the ATM or the POS-terminal, and an “intermediary” application acts as a means of payment. Currently, a new version of the European Payment Directive – PSD 2 – is being prepared for the adoption, which will further enhance the capacities of payment institutions both as full participants in the payment services market, and as partners of traditional banks.
In accordance with the new rules, Canopus IT has introduced a new product – a mobile MAC-generator for smartphones powered by OS Android. This development is fully in line with the new requirements of European regulators for the security of Internet payments and can be used both with the solutions of Canopus IT, and with any other Internet banking and mobile banking systems. The main advantages of this application are the possibility of the parameterized key computation based on the QR-code scanned and the possibility to store the keys not only in the database, but also in the HSM Thales Payshield, which makes the solution even more reliable and secure.”