2018: a key year for financial services and security

Alan Goode|22 January 2018
2018: a key year for financial services and security

This year will be an important one for financial services, with security taking center stage in a number of pivotal trends and regulatory changes, including open banking and the arrival of new, flexible fintech services, as well as the activation of the European Union’s PSD2 and GDPR regulations. The latter will see a global ripple effect, directly affecting financial services organizations that do business in the EU and potentially also influencing regional legislators to emulate their European counterparts.

PSD2 and SCA

The second version of the EU’s Payment Services Directive (PSD2) came into force during January 2018 with the aim of opening up the banking and payments industries in order to create greater competition. PSD2 will require banks to comply with strict new rules on how they authenticate their customers. The European Banking Authority’s regulatory technology standards (RTS) on strong customer authentication (SCA) will ensure that banks are deploying multi-factor authentication systems that protect their customers against fraud. Banks have only until the second half of 2019 to ensure that they are compliant with the RTS on SCA, reviewing their existing authentication solutions and partnering with suppliers that will get them to compliance.

Open banking

An open banking revolution has started, driven by a combination of state intervention and pressure from agile fintech challengers. In the UK, the Competition and Markets Authority has told the UK’s nine largest retail banks to be ready to commence open banking by 13 January 2018. The change in the law, initiated by PSD2, means that retail banks must allow regulated businesses to access a customer’s financial data – as long as the customer gives their permission. This could, for instance, allow a customer to use a money management app – which brings all their current account and credit card balances into a single view – to keep a closer control of their spending.

Open banking will lead to many benefits for consumers, but it does come with a few warnings. App users could be duped by fraudsters pretending to be a regulated business asking them for access to their financial details. Strong security, in particular an authentication mechanism, needs to be in place for these new open banking services to be safe.


Finally, the EU’s General Data Protection Regulation (GDPR) is set to shake up the way in which organizations manage customers’ data. GDPR will become law across all EU countries on 25 May 2018, and will require all institutions that handle personally identifiable information (PII) to ask their customers to give explicit consent for access to their data.

Entersekt’s industry-leading security technology takes care of the regulatory requirements of strong authentication and customer consent at the same time. Don’t let compliance become a headache – get in touch with us today.

About the author

Alan Goode

Alan Goode

CEO and Chief Analyst Goode Intelligence

Subscribe to our newsletter for our latest news, press releases and events

logo entersekt

Entersekt is an international software development company based just outside of Cape Town, South Africa.

We are leaders in authentication, app security, and payments enablement technology, offering a highly scalable solution set with a track record of success across multiple continents.