TryTRY
BuyBUY
  • newsletter
  • contact
  • corporate
  • careers
Utimaco
TRYour free HSM simulator
BUYget a quote
  • home
  • solutions
  • products
  • services
  • blog
  • downloads
  • partners
  • company

Utimaco Portal

Here you will find everything you need as a partner and customerLogin required

  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research

Home / Blogs / eiDAS & PSD2 – The New Payments Industry Paradigm in Europe

eiDAS & PSD2 – The New Payments Industry Paradigm in Europe

November 09, 2020

The Revised Payment Services Directive (PSD2) is poised to revolutionize the payment services industry. Its underlying principles mean that industry participants will have to innovate in terms of product structuring, service delivery, user experience and optimize in terms of costs to retain market share.

New call-to-actionThe PSD2 Directive is supported by other initiatives which promote innovation in customer experience with their own revolutionary leaps in transactional security: The eIDAS Regulation provides pan-European, cross-border mechanisms for customer authentication and ensuring trust while technical standards define just what it means to have Strong Customer Authentication (SCA).
Together, these directives all work towards the singular goal of making the payments industry in Europe safer, faster, cheaper and more convenient. The underlying foundations of all these initiatives are based on the following principles:

  • When it comes to payment transactions, the key elements of Strong Customer Authentication must be achieved. This can be done in multiple ways and requires a combination of something that a user knows, is and has access to.
    This has been illustrated in a little more detail in our previous blog post about SCA.
  • Technological neutrality is at the core of what the eIDAS Regulation and the Regulatory Technical Standards stand for. This means the regulation does not prescribe a specific technical implementation. Neutrality can be achieved through various means to ensure cryptographically secured authentication and this is where tools like Hardware Security modules (HSMs) can really boost security and efficiency. Utimaco’s CryptoServer CP5 HSM is the first such module in the market to receive the Common Criteria (CC) EAL4+ certification based on eIDAS Protection Profile EN 419 221-5. EN 419 221 specifies a “Protection Profile for cryptographic modules which is intended to be suitable for use by trust service providers supporting electronic signature and electronic sealing operations, certificate issuance and revocation, timestamp operations, and authentication services, as identified by” the eIDAS Regulation.
  • It is not just enough to secure the transactions themselves and prevent unauthorized ones, but it’s also important to secure sensitive data (like account information, balances etc.) from being leaked.
  • Customer experience and convenience must be placed at the forefront without compromising security. While adding more security can sometimes make transaction initiation cumbersome, these directives are inherently designed to overcome some of the related burden. For example, the accessibility of various bank accounts from one single platform – made available by Account Information or Payment Initiation Service Providers (AISPs or PISPs) under PSD2 – can make managing your finances much easier. So rather than having to remember four distinct passwords for four bank accounts, you just need one password and e.g. a One-Time Password delivered to your phone to access all four accounts through a single portal or app. That is just a very obvious example of the limitless possibilities that PSD2 offers.
  • Monitoring, risk analysis, and regular audits are also key elements of reliable security. Today’s systems can monitor thousands of concurrent transactions in milliseconds and detect suspicious activities. HSMs can provide a much-needed boost in efficiency.
  • There are also provisions for exceptions such as low value transactions, recurring payments, B2B transactions where corporate clients want to use bespoke authentication mechanisms and so on. These might seem trivial, but such exception make sense following the 80-20 Pareto principle for low volume or recurring (subscription) payments.

A deeper analysis of all the recent European Directives for the payments industry reveals that there is a great symphony at play here. Companies like Utimaco have recognized this: With eIDAS, the European Commission is looking to stimulate the digital market in Europe. Being the first HSM vendor certified according to Protection Profile EN 419 221-5, Utimaco helps pave the way for compliant and highly secure trust services today and in the future. These ambitions are also reflected in an increasing number of current and upcoming partner projects.”

The sum total of all of these taken together – EU initiatives and business participation – paves the way for a true Digital Single Market across national borders in Europe, with innovative products and services, improved customer experience and nonetheless appropriate and security measures.

New call-to-action

References and further reading

  • Selected Articles on eIDAS (2018 – today), by Gaurav Sharma, Dawn Turner, Utimaco and more
  • Selected Articles on PSD2 (2018 – today), by Gaurav Sharma, David McNeal, Utimaco and more
  • REGULATION (EU) No 910/2014  on Electronic Identification and Trust Services for Electronic Transactions in the Internal Market and repealing Directive 1999/93/EC (28.8.2014), by the European Parliament and the Council
  • COMMISSION DELEGATED REGULATION (EU) 2018/389 of 27 November 2017 supplementing Directive (EU) 2015/2366 with regard to Regulatory Technical Standards for Strong Customer Authentication and Common and Secure Open Standards of Communication (27.11.2017), by the European Parliament and the Council
Back to overview

Stay on top of our news
Don’t miss out on any Utimaco updates

Subscribe to Utimaco Newsletter

We will keep you posted with news from Utimaco and the industries we protect, as well as information on upcoming events and webinars.

Subscribe now

Partners

Primekey Solutions AB Compumatica secure networks GmbH intarsys AG IQuantics Corp EUROPEAN DYNAMICS SA. Thomas-Krenn.AG Telegrupp AS Baas Control s.r.o. JJNet International Co., Limited - Utimaco Hardware Security Modules Partner Fornetix - Utimaco Hardware Security Modules Partner cv cryptovision GmbH Komar Consulting Inc. - Utimaco Hardware Security Modules Partner Real security d.o.o. Throughwave (Thailand) Co.,Ltd - Utimaco Hardware Security Modules Partner Abrantix AG SecureMetric Technology Sdn. Bhd. Synergy Computers (Pvt.) Ltd. - Utimaco Hardware Security Modules Partner Utimaco HSM - QuintessenceLabs Utimaco HSM - PTESA_profesionales en transacciones electronicas Perceptus-sp.-z-o.-o. Cryptomathic A/S Cryptomathic Inc. Encryption Consulting LLC Cogito Group Pty Ltd PrimeKey Labs GmbH Fortiedge Pte Ltd. MTG - Utimaco Hardware Security Modules Partner PETA (Thailand) Co., Ltd. Ascertia - Utimaco Hardware Security Modules Partner Rohde & Schwarz Cybersecurity GmbH Skytech Computing Solutions Limited. - Utimaco Hardware Security Modules Partner Secure Source Distribution (M) Sdn Bhd - Utimaco Hardware Security Modules Partner MIcrosec Nexus - Utimaco Hardware Security Modules Partner CREAplus Italia S.r.l PKI Solutions Inc. ESYSCO Sp. z o.o. Safesoft Kft. Compumatica secure networks B.V. VAR Group SpA - Utimaco Hardware Security Modules Partner Nexus Technology GmbH AKEA S.A. - Utimaco Hardware Security Modules Partner Macroseguridad Nexus - Utimaco Hardware Security Modules Partner Versasec Utimaco HSM - InfoGuard Swiss Cyber Security Softline Solutions GmbH MALKOM D.Malińska i Wspólnicy s.j. CEGA Security Astel (UK) Ltd. - Utimaco Hardware Security Modules Partner Envoy Data Corporation - Utimaco Hardware Security Modules Partner E-Sign S.A. CewTec S.A. CertiSur S.A. Microexpert Limited Cryptomathic GmbH CREA plus d.o.o. Altacom UAB Clearkey Consulting - Utimaco Hardware Security Modules Partner Cyber Armor Pte Ltd
Find a partner

Share this page

EMEA

Utimaco IS GmbH
Germanusstraße 4
52080 Aachen
Germany
Phone: + 49 241 1696 200

Americas

Utimaco Inc.
900 E Hamilton Ave., Suite 400
Campbell, CA 95008
USA
Phone: +1 844 UTIMACO

APAC

Utimaco IS Pte Limited
80 Raffles Place,
#32-01, UOB Plaza
Singapore 048624
Phone: +65 6622 5347

Utimaco

  • support
  • corporate
  • careers
  • legal
  • terms & conditions
  • privacy
  • cookie-policy
© 2021
to top
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research