Hey, friends. We know it's a crazy time for the economy, but don't forget to enable 2FA for payments by Saturday

Deadline for multi-factor authentication in UK banking looms


Saturday is the delayed deadline for UK banks and financial institutions to have implemented two-factor authentication for payment transactions.

This is the result of the EU Payment Services Directive 2 (PSD2) for "Strong Customer Authentication" (SCA). This requires institutions to have two levels of authentication in place for online transactions to reduce fraud. Providers can choose two out of three – something the customer knows, like a PIN, something they have, like a phone or hardware token, and something they are – a biometric check.

James Stickland, chief executive officer at authentication platform Veridium, said the huge growth in use of digital services made better authentication vital.

Stickland said: "This Saturday's deadline is a long-awaited triumph for consumer security and combatting online fraud. Ever-rising fraud levels are linked to the consumer preference of mobile e-commerce, forcing regulation to keep pace with innovation. Businesses have had an extended period of six months, in addition to the two years since the initial announcement, and there is no legitimate reason not to be compliant. A failure to integrate Strong Customer Authentication demonstrates a disregard for consumer protection – it should have been prioritised long ago and viewed as a business differentiator."

Stickland warned that banks face large fines for not complying with the rules and though the changes could inconvenience customers, they could actually improve user experience and increase confidence as well as allow new services to be offered.

There are some exceptions to SCA such as recurring payments when only the first payment needs authenticating, low-value payments of less than €30 and merchant-initiated transactions.

How big a problem online fraud is a hotly disputed subject.

Government quango Action Fraud is the UK's central referral point for online crime. But it referred fewer computer misuse cases to police in 2019, while the Crime Survey for England and Wales also saw a fall but a far higher total than Action Fraud.

In other news. Halifax and Lloyds' online services were struggling to stay available this morning.

We contacted Lloyds, FirstDirect, the Royal Bank of Scotland as well as the Financial Conduct Authority but none were able to respond. ®


Other stories you might like

  • Talos names eight deadly sins in widely used industrial software
    Entire swaths of gear relies on vulnerability-laden Open Automation Software (OAS)

    A researcher at Cisco's Talos threat intelligence team found eight vulnerabilities in the Open Automation Software (OAS) platform that, if exploited, could enable a bad actor to access a device and run code on a targeted system.

    The OAS platform is widely used by a range of industrial enterprises, essentially facilitating the transfer of data within an IT environment between hardware and software and playing a central role in organizations' industrial Internet of Things (IIoT) efforts. It touches a range of devices, including PLCs and OPCs and IoT devices, as well as custom applications and APIs, databases and edge systems.

    Companies like Volvo, General Dynamics, JBT Aerotech and wind-turbine maker AES are among the users of the OAS platform.

    Continue reading
  • Despite global uncertainty, $500m hit doesn't rattle Nvidia execs
    CEO acknowledges impact of war, pandemic but says fundamentals ‘are really good’

    Nvidia is expecting a $500 million hit to its global datacenter and consumer business in the second quarter due to COVID lockdowns in China and Russia's invasion of Ukraine. Despite those and other macroeconomic concerns, executives are still optimistic about future prospects.

    "The full impact and duration of the war in Ukraine and COVID lockdowns in China is difficult to predict. However, the impact of our technology and our market opportunities remain unchanged," said Jensen Huang, Nvidia's CEO and co-founder, during the company's first-quarter earnings call.

    Those two statements might sound a little contradictory, including to some investors, particularly following the stock selloff yesterday after concerns over Russia and China prompted Nvidia to issue lower-than-expected guidance for second-quarter revenue.

    Continue reading
  • Another AI supercomputer from HPE: Champollion lands in France
    That's the second in a week following similar system in Munich also aimed at researchers

    HPE is lifting the lid on a new AI supercomputer – the second this week – aimed at building and training larger machine learning models to underpin research.

    Based at HPE's Center of Excellence in Grenoble, France, the new supercomputer is to be named Champollion after the French scholar who made advances in deciphering Egyptian hieroglyphs in the 19th century. It was built in partnership with Nvidia using AMD-based Apollo computer nodes fitted with Nvidia's A100 GPUs.

    Champollion brings together HPC and purpose-built AI technologies to train machine learning models at scale and unlock results faster, HPE said. HPE already provides HPC and AI resources from its Grenoble facilities for customers, and the broader research community to access, and said it plans to provide access to Champollion for scientists and engineers globally to accelerate testing of their AI models and research.

    Continue reading

Biting the hand that feeds IT © 1998–2022