According to the European Union banking regulators, banks should provide customers with the means to create one-off passwords starting with August 2015 to make buying over the internet safer.
It called on supervisors in all the blocs 28 countries to apply the non-binding guidelines it finalised in December2014 and which take effect in August 2015. They require banks to provide consumers with the means to key in a non-reusable password to authenticate an online purchase more securely.
Non-reusable passwords can include a number generated by devices supplied by the bank, or a password sent by text message to the customers phone. Some security systems are biometric, allowing a customer to confirm a transaction with a fingerprint.
The EBA guidelines are a stop-gap until the EU watchdog draws up more comprehensive, binding rules by early 2019 to strengthen security across all types of digital payments, such as using a mobile phone.
The watchdog has already asked all 28 national regulators in the EU if they plan to enforce the interim guidelines from August 2015 and only three, UK, Estonia and Slovakia, said they will not be doing so.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now