Mobile Commerce Insider Featured Article

March 19, 2014

Poste Italiane Prepares for Central Bank Regulations by Adding CA AuthMinder Security

Poste Italiane, a provider of postal, banking, insurance and payment services in Italy, has chosen CA AuthMinder to provide strong authentication services for mobile transactions via the Postepay App. It was a careful choice for Poste Italiane, since the inception of a 2013 rule from the European Central Bank (ECB) which governs digital payments in the Single Euro Payments Area (SEPA) or which Italy is a member.

The ECB ruling will hold payment service providers (PSP) liable for fraud if they have not instituted strong authentication on their networks, releasing e-merchants from liability. PSPs have until January 2015 to comply.

Image via Shutterstock

SEPA is an integrated cooperative of 28 EU member states and five additional countries where the euro is commonly used, meant to simplify and standardize regulations governing bank transfers. The new rules set by the ECB and adopted by SEPA are intended to:

  • Protect internet payments and sensitive payment data with strong customer authentication
  • Limit log-in attempts, define rules for session “time out”
  • Establish monitoring mechanisms to prevent fraud
  • Implement multi-layer security

Though the definition of strong authentication varies, for ECB purposes it is similar to multi-factor authentication and requires two of the following: something only the user knows like a password or PIN; something only the user possesses like a mobile device, card or token; biometric data like a fingerprint or voice. At least one of these should be newly generated with each login attempt and not capable of being interpreted.

To fulfill the requirements, Poste Italiane customers will need to sign up on the website and register the mobile device they intend to use for payment with the app. A text message activation code connects the app to the device by software credentialing through the PosteID software, based on the CA AuthMinder system. A PIN will be required for each use of the app and the customer can call to have the account locked if the device is stolen or lost.

Postepay is downloadable for free from iTunes and Google Play.




Edited by Alisen Downey




Comments powered by Disqus


Related Mobile Commerce Insider Articles