The MIDAS Alliance is pleased to recognise the next key step in the development of its first standards initiative. Work has been under way for a year to ensure the alignment of PAS499 “Digital Identification and Authentication” with other relevant standards and legislative requirements. This gives practical advice to organisations that seek guidance on how to establish principles of best practice when implementing systems to comply with the forthcoming range of regulatory requirements.
PAS499 is specifically targeted at those businesses that must comply with payments legislation and regulation, but also provides useful guidance for other organisations wishing to learn from the financial services industry’s security expertise. These include such developments as the additional security mandated through Payment Services Directive 2 and the Regulatory Technical Standard on Strong Customer Authentication and Common Secure Communications. PAS499 gives practical steps to develop good practice in handling customer identity and covers authentication methods, with applications in Knowing Your Customer or authentication for data access requests under GDPR, and includes guidance on the use of biometric technologies, secure tokens, and other security techniques.
Organisations or individuals that wish to submit comments on the PAS (Publicly Available Specification) are requested to use the link below to do so via BSI Standards where the full public draft may be downloaded.
Organisations who wish to understand what PAS499 could mean for their operations may engage with MIDAS Alliance, the sponsor of PAS499, directly to ensure that they both understand the principles and can apply them. For further information, please e-mail firstname.lastname@example.org. Further information on MIDAS Alliance, its goals and history is at www.midasalliance.org.
Please note, the public consultation will be open for a month, so ensure you have sufficient time to read, understand and comment on it.