In the context of a Digital Single Market in Europe, the need for secure electronic transactions across member states is a big topic for banking and financial services players. Electronic ID and trust services are key compliance factors for identification and authentication after recent regulatory updates such as PSD2 or AMLD4.
In this blog post, we will take a look at eIDAS requirements, combined with other legal guidelines and principles as applied in the payment, banking and financial services industry.
The opportunities eIDAS brings for payment use cases and the banking & financial services industry
By harmonizing qualified digital signatures EU-wide, eIDAS enables and facilitates the provision of online financial services and the execution of digital transactions and processes across national borders, improving the EU-wide service offering for citizens and businesses. Finance start-ups have been thriving in this era of digitization, but well-established banks, insurance companies and others alike must ensure they are not left behind! Every changing environment brings new opportunities to evolve, all while adapting to current customer needs and legal requirements.
Whether it is about identifying a new customer according to the “Know Your Customer (KYC)” principle, strong authentication of the parties involved in an electronic (payment) transaction or speeding up process steps such as contract signing or sealing for proof of origin and integrity – eIDAS will be and is already being applied throughout the industry!
eIDAS in the context of the latest Anti-Money Laundering Directive (AML4)
In the past, banks were required to perform face-to-face verification of one’s identity before accepting to open a bank account in one’s name. With eIDAS, remote customer identification becomes much easier and more secure, since notified eID means are recognized and can be used for this purpose across EU borders. For banks and financial service providers, this facilitates compliance with the strict “Know Your Customer (KYC)” requirements.
eIDAS and the 2nd Payment Services Directive (PSD2)
PSD2 has become national law in EU member stated in January 2018 and allows non-bank third party providers (TPP) to access bank customer’s account data, paving the way to innovations in the payment area. Open banking APIs enable access to account information, provide confirmation of funds or transmit the permission to initiate a payment. PSD2 requires strong authentication mechanisms, both from service providers and from customers. eIDAS can assure that for digital signing and sealing. Read more about eIDAS & PSD2 on our blog shortly!
Speeding up banking processes using eIDAS trust services
Whether for signing a contract, opening a bank account or changing account information or parameters – “remote signing” as introduced by the eIDAS regulation is a legally recognized and yet easy way of expressing consent. No need for customers anymore to be physically present for a signing process or to authorize a change, nor to hold signature cards and card readers at home, since they may use remote signing services offered e.g. by their bank on all their smart devices. A very striking example is the example of a bank loan, which still requires a paper process in many places today. From the initial eID verification, to signing the contract and receiving the sealed loan agreement – we will find a user-friendly, fast and secure digital processes end-to-end.
References & further reading
Accelerating the take-up of eIDAS services: where do we stand in the banking/financial sector (2016), by Andrea Servida, Head of Unit "eGovernment and Trust" at DG CONNECT, European Commission
eIDAS helps the financial sector to master its digital transformation (2017), by Bundesdruckerei, Germany
Seven things you probably should know about PSD2, but were never told (2018), by Myles Stephenson