Open Banking APIs under PSD2: What are the security threats and solutions? Download VASCO’s white paper now

Graham Cluley Security News is sponsored this week by the folks at VASCO. Thanks to the great team there for their support!

More than 10,000 customers in 100 countries rely on VASCO to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.

The Revised Payment Services Directive, also known as PSD2, requires European banks to provide communication interfaces to Third Party Providers (TPPs).

These interfaces, generally referred to as APIs, will allow TPPs to build innovative financial services on top of the services of the banks. The requirements for these interfaces are defined in the Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC), of which the European Banking Authority (EBA) published a draft version in February 2017.

In this whitepaper VASCO analyzes the requirements for the communication interface as defined in the draft RTS, with a special emphasis on security requirements. VASCO identifies the most important security threats against these interfaces, and discuss various solutions that can help banks to protect against them.

By downloading this free white paper, you’ll discover:

  • the PSD2 requirements for open banking APIs
  • the security and privacy threats against the APIs of banks
  • how to protect APIs against security threats
  • VASCO’s solution suite for PSD2 compliance

Interested in learning more? Download VASCO’s white paper: Open Banking APIs under PSD2: What are the security threats and solutions?


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about cybersecurity, you can find more information here.