Content Options

Content Options

View Options

Status: Please note you should read all Brexit changes to the FCA Handbook and BTS alongside the main FCA transitional directions. Where these directions apply the 'standstill', firms have the choice between complying with the pre-IP completion day rules, or the post-IP completion day rules. To see a full list of Handbook modules affected, please see Annex B to the main FCA transitional directions.

You are viewing the version of the document as on 2021-01-01.

Article 1 Subject matter

These Standards establish the requirements to be complied with by payment service providers for the purpose of implementing security measures which enable them to do the following:

  1. (a)

    apply the procedure of strong customer authentication in accordance with Regulation 100 of the Payment Services Regulations 2017 (SI 2017/752);

  2. (b)

    exempt the application of the security requirements of strong customer authentication, subject to specified and limited conditions based on the level of risk, the amount and the recurrence of the payment transaction and of the payment channel used for its execution;

  3. (c)

    protect the confidentiality and the integrity of the payment service user’s personalised security credentials;

  4. (d)

    establish common and secure open standards for the communication between account servicing payment service providers, payment initiation service providers, account information service providers, payers, payees and other payment service providers in relation to the provision and use of payment services in application of Part 7 of the Payment Services Regulations 2017 (SI 2017/752).