These Standards establish the requirements to be complied with by payment service providers for the purpose of implementing security measures which enable them to do the following:
apply the procedure of strong customer authentication in accordance with Regulation 100 of the Payment Services Regulations 2017 (SI 2017/752);
exempt the application of the security requirements of strong customer authentication, subject to specified and limited conditions based on the level of risk, the amount and the recurrence of the payment transaction and of the payment channel used for its execution;
protect the confidentiality and the integrity of the payment service user’s personalised security credentials;
establish common and secure open standards for the communication between account servicing payment service providers, payment initiation service providers, account information service providers, payers, payees and other payment service providers in relation to the provision and use of payment services in application of Part 7 of the Payment Services Regulations 2017 (SI 2017/752).