Transakt judged PSD2 compliant for strong customer authentication

Entersekt, a leader in next-generation digital banking security, today announced its mobile app security and authentication product Transakt has been endorsed by a key European consultancy as a "state-of-the-art solution" to the European Banking Authority's Regulatory Technical Standards (RTS) on strong customer authentication under PSD2.

These specifications define the enhanced security measures that payment service providers in Europe must put in place by September 2019.

Headquartered in Bonn, Germany, SRC Security Research & Consulting provides financial services providers with independent research and development services in IT and security, with a special focus on secure payment systems. SRC's highly regarded security evaluation facility assessed Transakt software development kits for iOS and Android over several months.

In a 36-page report, SRC concluded that Transakt met all relevant requirements set out in the RTS. It went on to state: "Transakt makes use of industry-wide accepted best practices in its design and use of technology, especially in cryptographically securing and authenticating its credentials and its client-server communication. Therefore, Transakt can be considered a state-of-the-art solution."

In a group statement, SRC's experts said: "After rigorously examining the latest version of Transakt from Entersekt, it is our independent opinion is that it fulfils all requirements of the EBA RTS that are in scope of the product."

"With now only 18 months left to comply, Europe's financial institutions are urgently searching for a PSD2-compliant strong customer authentication solution that impacts consumers' digital interactions as little as possible," said Jonathan Knoll, country manager for central Europe at Entersekt. "We now have more independent verification that Entersekt can provide a compliant solution that combines mobile-enabled convenience coupled with superior security."

SRC's full report, which contains confidential information, will not be released publicly. A summary is available on Entersekt's Web site.

In May 2017, a similar study by the Payments Advisory Group - an Amsterdam-based consultancy - also concluded that Entersekt's technology complied with all relevant sections of the EBA's RTS.