Versions

 

OM-3.2.4

Licensees must have in place a strong customer authentication process for its e-banking activities which ensure the following:

(a) no information on any of the elements of the strong customer authentication process can be derived from the disclosure of the authentication code;
(b) it is not possible to generate a new authentication code based on the knowledge of any other code previously generated; and
(c) the authentication code cannot be forged.
Added: January 2020