The new PSD2 regulations will bring about major changes to the digital security landscape. Among the most significant of these will be the requirement to use strong customer authentication (SCA) in remote payment transactions. Additionally, SCA on mobile devices will be required to make use of a secure execution environment (SEE).
This paper from CAPS starts from the existing trust model, and considers how it will evolve in the new regulatory environment. The basic principles of existing technological options for implementation of mobile SCA are compared with those which may be used to
do so as required by PSD2. This is not an exhaustive list, but a snapshot which can be amended with new technologies and players as they emerge.