By Andrei Skvarsky.
The European Union last month came up with guidelines for Internet payment providers on how to avoid increasing frauds that have yearly been sucking in hundreds of millions of euros across the EU.
Strict verification of the customer’s identity before proceeding with payment is one of the measures prescribed for payment services providers (PSPs) by the Final Guidelines on the Security of Internet Payments of the European Banking Authority (EBA), which are due to be implemented by August 1, 2015.
As one more of what the EBA calls “minimum security requirements”, PSPs will have to advise customers on how to protect themselves from swindlers, according to an EBA statement.
For example, PSPs will be required to initiate schemes to make customers aware of risks that online payments involve and to suggest the best payment practices to them.
E-merchants paying with cards should be encouraged not to store any sensitive payment data online or advised to take measures to protect these data.
PSPs will have to carry out regular data security inspections. If such a check shows an e-merchant not to have security measures as prescribed by their contract in place, their PSP will be duty-bound to take steps to enforce such measures or terminate the contract.
“The EBA guidelines on internet payments provide the legal basis for achieving a level playing field for all PSPs across the EU,” an EBA statement quoted Geoffroy Goffinet of the EBA Consumer Protection Unit as saying.
“Through this piece of work, the EBA looked into supporting the development of e-commerce across the EU, while ensuring proper protection of consumers.”