Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

No it doesn’t. 2FA authentication is not mandatory for online transactions in the EU. That element of PSD2 has been delayed significantly, only in person transactions have that protection. Unfortunately in person transactions are the least risky from a fraud perspective because they don’t scale well.


PSD2 is fully enforced for banks in the EU/EEA, and not yet enforced for UK banks. But many transactions are exempted from 2FA authentication, if either the acquirer or issuer perceive the transaction as low risk. And transactions with only one leg in Europe have no regulatory requirement. So fraud is very much alive in Europe.


In my experience most banks do enable it. And if you use your card at a merchant you haven't used before it's almost always 2FA time.

I have no idea how effective this has been, but at least here [Hungary] banks went all in basically.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: