Article 7 Requirements of the elements categorised as possession

  1. (1)

    Payment service providers shall adopt measures to mitigate the risk that the elements of strong customer authentication categorised as possession are used by unauthorised parties.

  2. (2)

    The use by the payer of those elements shall be subject to measures designed to prevent replication of the elements.