Europe gets rolling on authentication standards
May 26, 2014

Although a significant amount of preventable damage has already been done by major data breaches in the past several years, more watchdogs and regulators are beginning to increase efforts to strengthen security standards among a variety of sectors, most notable health care and financial services. And, as the saying goes, it is better late than never to get moving on more robust protections, as hackers show no signs of relenting any time soon. 

Authentication has emerged as one of the most common steps toward more comprehensive and effective network and access control, and consistently proves to be a more modernized approach to identity management. In the coming years, more banks and other organizations that manage sensitive information will likely continue to increase their investments in authentication solutions, as evidenced by several major moves that have taken place in the past few years. 

Europe's new bag
Out-Law Magazine recently reported that the European Central Bank has published a fresh set of security standards that will make authentication mandatory for other entities managing financial data in the various nations on the continent. This is the latest decision by a major regulator to improve security through these advanced access and identity management controls, with Canadian authorities being among the first to do so on such a large scale. 

The source explained that the ECB and European Forum on the Security of Retail Payments will enforce the policy in hopes of driving down the risk of data breach for a variety of industries, especially those that have any activity in the payment processing arena. Because of how the economy is turning into an always-ready environment, the standards dictate that the authentication tools will need to be available 24 hours a day, seven days a week. 

Third party providers, which play a major role in electronic payment processing today, will also be obliged to follow the new standards. 

"The recommendations should not be interpreted as a warning against established TPPs in Europe," the ECB affirmed, according to the news provider. "TPPs fill a gap by providing efficient and customer-convenient e-commerce services. The Forum has suggested that a secure European standard/interface for payment account access should be established and should allow any TPP to access payment accounts at any PSP throughout the EU. This standard could be defined by the [European Banking Authority] in close cooperation with the ECB and include technical and functional specifications, as well as related procedures."

Will others follow suit?
The United States is one nation that has traditionally lagged behind in its security standards and legislation, although leaders are beginning to step up efforts more aggressively amid so many major issues in such a short period of time. Target's breach remains as the most widespread and devastating retail data loss in history on the global scale, and was likely preventable had authentication and other advanced identity management controls been in place. 

In the coming years, other nations will need to become more proactive in their advancement of access control technology utilization to begin reducing the rate of crime.