-
NBS Tasks
Browse topics
- Monetary policy
- Financial market supervision
- Financial stability
- Banknotes and coins
- Payments
- Statistics
- Research
- Legislation
-
Publications
- Activity Report of the NBS Innovation Hub Annual Report Economic and Monetary Developments Financial Stability Report Investment Policy Statement of the National Bank of Slovakia Macroprudential Commentary Policy Briefs
- Report on the Activities of the Financial Market Supervision Unit Research Papers: Working and Occasional Papers (WP/OP) Statistical Bulletin Structural Challenges Other publications Sign up for your email notifications about publications
- About the Bank
- Media
- Frequently asked questions
-
For the public
Browse topics
- About the Bank
- Exchange rates and interest rates
- Banknotes and coins
- Payments
- Financial stability
- Financial market supervision
- Statistics
- Legislation
-
Publications
- Activity Report of the NBS Innovation Hub Annual Report Economic and Monetary Developments Financial Stability Report Macroprudential Commentary
- Report on the Activities of the Financial Market Supervision Unit Research Papers: Working and Occasional Papers (WP/OP) Statistical Bulletin Other publications Sign up for your email notifications about publications
- Frequently asked questions
- Media
- Careers
- Contact
sk
sk
To search for
press Enter
Why is a strong customer identification applied by payments and what does it practically mean?
Payment services provided electronically should be provided securely using technologies capable to guarantee a secure user authentication of the user and minimizing the risk of fraud. As fraud methods are constantly changing and the volume of fraudulent transactions is constantly increasing, the requirements for strong customer authentication should allow innovation in technical solutions in response to emerging threats to the security of electronic payments. Thus, strong customer authentication of the user is applied in practice by using two or more authentication elements from the following three categories when performing electronic payment operations on the Internet: a) knowledge - e.g. password, PIN, answers to agreed control questions, b) ownership - e.g. ownership of a device (usually a mobile phone) capable of generating (e.g. via a specialized authentication application) or receiving one-time passwords (e.g. via SMS) or signatures (tokens), c) characteristics of the payment card holder (inherence) - e.g. capture of biometric data in the form of fingerprint, voice, the geometry of the client's face. The individual elements should be independent of each other and designed in such a way that the disruption of one element does not impair the reliability of the other elements. Strong authentication, therefore, means that payment service providers that allow users to carry out payment transactions on the Internet are obliged to authenticate (verify the identity of) the payment service user with each payment through at least two of the above categories. If the identity of the payment service user is not correctly verified and does not fall under any of the exceptions to the strong authentication obligation, the payment will be declined. The transition to strong authentication of payment service users has been taking effect since 14 September 2019. The NBS and other supervisory authorities in the EU have agreed that in card transactions on the Internet (e-commerce payments) the fulfilment of this obligation will be supervised and required from 1. 1. 2021.