Article 97

Question & Answers

Paragraph

All

Links

• 2021_6280 Application of SCA for confirmation of funds requests made by a PISP
• 2021_6145 SCA applicability / Application of SCA at tokenisation stage
• 2023_6767 App to app redirection with biometrics for PIS
• 2023_6827 Trusted Beneficiaries
• 2021_6256 Payee-initiated transactions with irregular period or variable amounts for account payments.
• 2024_6989 Criteria for selecting the operations to be included in the calculation of fraud rates for the transaction risk analysis (TRA) exemption

1

• 2020_5534 Bill-payment via postal service
• 2021_6315 Transactions initiated via electronic mail (email)
• 2022_6464 SCA for token replacement
• 2018_4036 Application of the low-value contactless exemption – Calculation of limits at Primary Account Number (PAN) / account level or at device / token level
• 2018_4035 Criteria for the application of the transaction risk analysis (TRA) exemption – Application of the TRA exemption by authorized PSPs other than the issuer and the acquirer
• 2018_4034 Criteria for the application of the transaction risk analysis (TRA) exemption – Relevant fraud rates
• 2018_4033 Criteria for the application of the transaction risk analysis (TRA) exemption – Application of the TRA exemption at the level of individual brand, product or scheme
• 2018_4032 Criteria for the application of the transaction risk analysis (TRA) exemption – Fraud rate calculation methodology for the application of the TRA exemption
• 2018_4031 Applicability of SCA to ‘card payments initiated by the payee only’
• 2018_4030 Geographical scope of application of the RTS on strong customer authentication (SCA) and secure communication requirements – ‘Two-leg’ transactions
• 2018_4049 Persistent authentication for wearable devices
• 2018_4048 Applicability of Strong Customer Authentication (SCA) to existing recurring payments solutions
• 2018_4047 Review of security measures
• 2018_4041 Display of incorrect authentication factors in case of failed authentication attempts
• 2018_4040 Currency conversion of the EUR thresholds contained in the RTS
• 2018_4039 Qualification of SMS OTP as an authentication factor
• 2018_4038 Applicability of the low-value contactless exemption to contactless-only devices
• 2018_4065 Accessing payment account online in web browser shall exceed not 5 minutes without acitvity
• 2018_4060 Exemption for secure corporate payment processes and protocols
• 2018_4058 Transactions initiated via Interactive Voice Response (IVR) solutions
• 2018_4057 SCA at vending machines without PIN pad
• 2018_4056 Application of the exemption for transactions to trusted beneficiaries to Face-to-Face transactions
• 2018_4055 Confidentiality of offline PIN
• 2018_4054 Confidentiality of the application cryptogram for EMV transactions
• 2018_4053 Length of authentication codes
• 2018_4052 EMV cards and EMV terminals supporting online authentication
• 2018_4153 Review of Security Measures - Auditors expertise
• 2018_4152 Review of the security measures: Audit report
• 2018_4141 Authentication code
• 2018_4135 SMS OTP and credit card as a two authentication factor
• 2018_4131 Payee-initiated transactions with irregular period or variable amount
• 2018_4110 Data authentication standards
• 2018_4108 Scope of ‘initiation of an electronic payment transaction’
• 2018_4068 Exemption from strong customer authentication (SCA) for payment account information in combination with accessing account information online in web browser
• 2018_4076 On the access to trusted beneficiaries lists (RTS Art 13) by TPPs in write mode
• 2018_4414 Usage of SMS for dynamic linking
• 2018_4404 Subsequent instances of a recurring card payment transaction, other than the first, initial one, are transactions initiated by the payee only. This is also the case for card instalment transactions.
• 2018_4315 Strong Authentication
• 2018_4226 Contactless payments at point of sale - Applications of the conditions
• 2018_4225 Contactless payments at point of sale - Applications of the conditions
• 2018_4177 Application of SCA when a PSU accesses payment transactions data older than on the last 90 days, without having access to sensitive payment data and for a period of 90 days after the last access using SCA
• 2018_4155 Responsibility of national authority with regards to audit reports
• 2019_4556 Definition of payee for dynamic linking
• 2019_4480 Unattended terminals and Transaction Risk Analysis (TRA) exemption and related Payment Service Providers (PSP)’s liabilities rules
• 2018_4435 Dynamic Linking for batch payments
• 2018_4429 Application of the Low Value Transaction Limits
• 2018_4415 Dynamic linking for batch transactions
• 2019_4556 Definition of payee for dynamic linking
• 2019_4480 Unattended terminals and Transaction Risk Analysis (TRA) exemption and related Payment Service Providers (PSP)’s liabilities rules
• 2018_4435 Dynamic Linking for batch payments
• 2018_4429 Application of the Low Value Transaction Limits
• 2018_4415 Dynamic linking for batch transactions
• 2020_5288 Mount unattended contactless device on general goods vending machines
• 2020_5135 Payment Initiation Scope and Trusted Beneficiaries
• 2020_5133 Dynamic linking: transactions for which the final amount is unknown and may be lower or higher than authenticated amount
• 2020_5115 Using Trusted Beneficiary Lists to Auto Reject PISP Transactions
• 2019_4664 Applicability of SCA to electronically processed SEPA Direct Debits / Interpretation of EBA Q&A 2018_4359
• 2019_4564 Exemptions from Strong Customer Authentication (SCA): credit transfers
• 2023_6949 Secure corporate payment processes and protocols and inactivity time period

5

• 2021_6321 Authentication procedures that ASPSPs’ interfaces are required to support (using re-direction)