TechRepublic 10 things you should never do in Excel Read More Multiple German banks have announced plans to drop support for SMS-based one-time passcodes (OTP) as a login authentication and transaction verification method. Postbank plans to drop support in August, while Raiffeisen Bank and Volksbank plan to do so in the fall, Handelsblatt reports. Deutsche Bank and Commerzbank also plan to drop support for SMS OTP but have not announced a deadline, while Consorsbank plans to discontinue it by the end of the year. Other banks like DKB and N26 have never deployed the technology, while ING has not made any public statements on its plans. New legislation entering into effect The reason why German banks are dropping support for SMS OTP is because of legislation that the EU passed in 2015, set to enter into effect on September 14, this year. In 2015, the EU revised the Payment Services Directive (PSD), a set of rules that govern online payments in the EU, and issued an updated version called the PSD2. This legislation also included a clause for strong customer authentication (SCA) mechanisms. Per the new PSD2, any financial or commercial operation carried out by EU consumers must be authorized using an SCA-compliant mechanism. The European Banking Authority (EBA) was tasked with enforcing the revised PSD2 and issue a regulatory technical standard, which it did last month, in June. According to this document, SMS-based OTP is not PSD2 SCA compliant, in most of its current deployments. The German banks were… [Read full story]
ZDNet is a business technology news website published by CBS Interactive, along with TechRepublic. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication owned by CNET Networks.