The European Central Bank (ECB) has announced a set of new rules to improve the security of Internet payments across the various providers in the continent.

The detailed recommendations, put together by the European Forum on the Security of Retail Payments, provide clarity on issues such as governance, risk management and mitigation, customer information and due diligence. The new rules cover the initiation, monitoring and authorisation of payments, protection of sensitive payment data, and customer awareness and education.

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

As the new guide suggests, in order to protect customer transactions, firms should limit the number of log-in or authentication attempts, defining rules for Internet payment services session "time out" and set time limits for the validity of authentication.

The guide will support governance authorities of payment schemes, as well as Internet payment service providers in implementing the recommendations by 1 February 2015.

ECB also announced it is working on a new guide for mobile payments security, with rules set to come in by February 2017.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.