PSD2 deadline: don’t just comply, succeed – KCOM

This Saturday marks the deadline for PSD2 compliance and a new era for banking in the UK. In response to this milestone, please see comment from Gavin Brown, Head of Identity, at KCOM looking at the steps organisations should be taking to create a more holistic authentication system, rather than treating compliance ad a box ticking exercise.

He said: “This week’s PSD2 compliance deadline marks the start of a new era for banking in the UK. Although the FCA has announced a ‘soft landing’ period for some aspects of the EU regulation, particularly around secure customer authentication (SCA) – the message is clear. Financial institutions must accept that where customers have authorised access to their accounts by selected third parties, access to that customer data must utilise APIs which are fully secured by next-generation identity management.

“Although PSD2 compliance has been high-priority in recent months, many companies have focused on ticking the box in order to meet the regulatory timescale rather than implementing optimum authentication systems. Carried out strategically, PSD2 compliance can be a trigger for a wider review of identity management strategies, which will ultimately benefit customers and businesses alike with a smoother, more efficient and secure process.

“For example, some banks may have implemented numerous, divergent stop-gap solutions so that they have something to show the regulator. Technically that makes them compliant, but in practice the results are far from ideal.

“Working with multiple identity systems or with single-use identity solutions causes delays and sub-optimal performance in the long-run. It forces customers to authenticate their activities again and again across different products and services, taking away from a positive customer experience. Not only that, a siloed system also generates unnecessary admin work and cost for the company itself.

“To avoid that, financial services organisations need to work with experienced partners who can help them to consolidate and optimise their authentication systems. PSD2 is going to introduce far greater competition into the financial services market, so it’s essential that your identity solution provides the best possible customer experience and supports the future development of the company.

“As financial services increasingly go digital and customer expert instant capability, banks need to build flexible, scalable authentication systems that can handle the increased traffic and provide excellent customer experiences.

“The PSD2 compliance date is a starting gun, not a deadline. Banks can work with the right partner to ensure their identity solution will support them and their customers for years to come.”