Effects of PSD2 on security architecture of mobile banking : a review of literature

Effects of PSD2 on security architecture of mobile banking a review of literature

Show other versions (1)

This thesis aims to find out the changes that the Payment Service Directive (PSD2) will bring to the security architecture of mobile banking. PSD2 will create a situation where security mechanisms are separated from the actual banking application. Payment service providers must provide their Applica...

Full description

Bibliographic Details
Main Author: Kaipainen, Lauri
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Information Technology, Informaatioteknologia, University of Jyväskylä, Jyväskylän yliopisto
Format: Master's thesis
Language:eng
Published: 2017
Subjects:
Payment Service Directive
PSD2
Security architecture
Mobile banking
maksupalveludirektiivi
tietoturva-arkkitehtuuri
mobiilipankit
Tietojenkäsittelytiede
Kirjallisuuskatsaus
601
verkkomaksaminen
varmenteet
salaus
tietoturva
kyberturvallisuus
maksupalvelut
direktiivit
mobiilisovellukset
järjestelmäarkkitehtuuri
sovelluskehykset
Online Access: https://jyx.jyu.fi/handle/123456789/55818
_version_ 1826225754759757824
author Kaipainen, Lauri
author2 Informaatioteknologian tiedekunta Faculty of Information Technology Information Technology Informaatioteknologia University of Jyväskylä Jyväskylän yliopisto
author_facet Kaipainen, Lauri Informaatioteknologian tiedekunta Faculty of Information Technology Information Technology Informaatioteknologia University of Jyväskylä Jyväskylän yliopisto Kaipainen, Lauri Informaatioteknologian tiedekunta Faculty of Information Technology Information Technology Informaatioteknologia University of Jyväskylä Jyväskylän yliopisto
author_sort Kaipainen, Lauri
datasource_str_mv jyx
description This thesis aims to find out the changes that the Payment Service Directive (PSD2) will bring to the security architecture of mobile banking. PSD2 will create a situation where security mechanisms are separated from the actual banking application. Payment service providers must provide their Application Programming Interface for third party developers to give them access to authentication of payment transactions. PSD2 requires payments service providers to offer strong customer authentication with separate authentication mechanism from the banking application. This thesis found that academic literature about the security architecture of mobile banking does not provide a model where a separate authentication mechanism should communicate separately from the mobile banking application. Academic research could however, provide solution to use the Public Key Infrastructure of a certificateless asymmetric encryption to achieve demand of PSD2 to offer strong encryption and means to check the integrity of data and make transactions non-reputable. The research in this thesis was conducted as a systematic literature review, which found 22 academic publications about the security architecture. The comparison between the demands of PSD2 with the academic literature was done by listing security demands and responsibilities of PSD2 and comparing them with themes found from the research material. PSD2 vaikutukset mobiilipankkien tietoturva-arkkitehtuuriin. Tämän pro gradu -tutkielman tarkoituksen on selvittää, mitä muutoksia maksupalveludirektiivi (PSD2) tuo mobiilipankkien tietoturva-arkkitehtuurille. Astuessaan voimaan PSD2 luo tilanteen, jossa mobiilipankkien tietoturvamekanismit ovat erillään varsinaisesta mobiilipankkisovelluksesta. PSD2 mukaan maksupalveluiden tarjoajien on annettava pääsy heidän tietoturvamekanismeihinsa ulkopuolisille sovelluskehittäjille API:n (Application Programming interface) avulla. PSD2 vaatii myös, että maksupalveluiden tarjoajat luovat vahvan asiakkaan tunnistautumisen, joiden pitää olla erillisiä ja itsenäisiä toimintoja mobiilipankkisovelluksesta. Tieteellisessä tutkimuksessa ei esitetä tietoturva-arkkitehtuurimallia, jossa erilliset tunnistautumissovellukset toimisivat erillisen mobiilipankkisovelluksen kanssa. Tieteellinen tutkimus voi kuitenkin tarjota ratkaisun PSD2:n vaatimuksiin tiedon salaamiseksi ja viestiliikenteen virheettömyyden takaamiseksi. Tämä voidaan tutkimuksen perusteella toteuttaa PKI:n (public key infrastructure) tai sertifikaatittoman epäsymmetrisen salausjärjestelmän avulla. Tässä pro gradu -tutkielmassa käytettään systemaattista kirjallisuuskatsausta selvittämään PSD2 tuomat muutokset. Vertailu toteutettiin listaamalla PSD2:n turvallisuuteen liittyvät vaatimukset ja velvollisuudet, joita sitten vertaillaan kirjallisuudesta löydettyjen teemojen kanssa. Tutkielma löysi lopulliseksi tutkimusmateriaaliksi 22 tieteellistä artikkelia mobiilipankkien tietoturva-arkkitehtuurin toteuttamiseksi.
first_indexed 2023-03-22T09:59:11Z
format Pro gradu
free_online_boolean 1
fullrecord [{"key": "dc.contributor.advisor", "value": "Siponen, Mikko", "language": "", "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Kaipainen, Lauri", "language": null, "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2017-11-09T19:11:56Z", "language": "", "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2017-11-09T19:11:56Z", "language": "", "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2017", "language": null, "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.other", "value": "oai:jykdok.linneanet.fi:1738336", "language": null, "element": "identifier", "qualifier": "other", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/55818", "language": "", "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "This thesis aims to find out the changes that the Payment Service Directive (PSD2) will bring to the security architecture of mobile banking. PSD2 will create a situation where security mechanisms are separated from the actual banking application. Payment service providers must provide their Application Programming Interface for third party developers to give them access to authentication of payment transactions. PSD2 requires payments service providers to offer strong customer authentication with separate authentication mechanism from the banking application. This thesis found that academic literature about the security architecture of mobile banking does not provide a model where a separate authentication mechanism should communicate separately from the mobile banking application. Academic research could however, provide solution to use the Public Key Infrastructure of a certificateless asymmetric encryption to achieve demand of PSD2 to offer strong encryption and means to check the integrity of data and make transactions non-reputable. The research in this thesis was conducted as a systematic literature review, which found 22 academic publications about the security architecture. The comparison between the demands of PSD2 with the academic literature was done by listing security demands and responsibilities of PSD2 and comparing them with themes found from the research material.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "PSD2 vaikutukset mobiilipankkien tietoturva-arkkitehtuuriin.\r\n\r\nT\u00e4m\u00e4n pro gradu -tutkielman tarkoituksen on selvitt\u00e4\u00e4, mit\u00e4 muutoksia maksupalveludirektiivi (PSD2) tuo mobiilipankkien tietoturva-arkkitehtuurille. Astuessaan voimaan PSD2 luo tilanteen, jossa mobiilipankkien tietoturvamekanismit ovat erill\u00e4\u00e4n varsinaisesta mobiilipankkisovelluksesta. PSD2 mukaan maksupalveluiden tarjoajien on annettava p\u00e4\u00e4sy heid\u00e4n tietoturvamekanismeihinsa ulkopuolisille sovelluskehitt\u00e4jille API:n (Application Programming interface) avulla. PSD2 vaatii my\u00f6s, ett\u00e4 maksupalveluiden tarjoajat luovat vahvan asiakkaan tunnistautumisen, joiden pit\u00e4\u00e4 olla erillisi\u00e4 ja itsen\u00e4isi\u00e4 toimintoja mobiilipankkisovelluksesta. Tieteellisess\u00e4 tutkimuksessa ei esitet\u00e4 tietoturva-arkkitehtuurimallia, jossa erilliset tunnistautumissovellukset toimisivat erillisen mobiilipankkisovelluksen kanssa. Tieteellinen tutkimus voi kuitenkin tarjota ratkaisun PSD2:n vaatimuksiin tiedon salaamiseksi ja viestiliikenteen virheett\u00f6myyden takaamiseksi. T\u00e4m\u00e4 voidaan tutkimuksen perusteella toteuttaa PKI:n (public key infrastructure) tai sertifikaatittoman ep\u00e4symmetrisen salausj\u00e4rjestelm\u00e4n avulla. T\u00e4ss\u00e4 pro gradu -tutkielmassa k\u00e4ytett\u00e4\u00e4n systemaattista kirjallisuuskatsausta selvitt\u00e4m\u00e4\u00e4n PSD2 tuomat muutokset. Vertailu toteutettiin listaamalla PSD2:n turvallisuuteen liittyv\u00e4t vaatimukset ja velvollisuudet, joita sitten vertaillaan kirjallisuudesta l\u00f6ydettyjen teemojen kanssa. Tutkielma l\u00f6ysi lopulliseksi tutkimusmateriaaliksi 22 tieteellist\u00e4 artikkelia mobiilipankkien tietoturva-arkkitehtuurin toteuttamiseksi.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted using Plone Publishing form by Lauri Kaipainen (laukalka) on 2017-11-09 19:11:55.998397. Form: Master's Thesis publishing form (https://kirjasto.jyu.fi/publish-and-buy/publishing-forms/masters-thesis-publishing-form). JyX data: [jyx_publishing-allowed (fi) =True]", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by jyx lomake-julkaisija (jyx-julkaisija.group@korppi.jyu.fi) on 2017-11-09T19:11:56Z\r\nNo. of bitstreams: 2\r\nURN:NBN:fi:jyu-201711094199.pdf: 790791 bytes, checksum: 598b749b56c3ab220b28a2e2563f7af9 (MD5)\r\nlicense.html: 4304 bytes, checksum: ed3c4d7ba9263db92d7287af51eb0d4e (MD5)", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2017-11-09T19:11:56Z (GMT). No. of bitstreams: 2\r\nURN:NBN:fi:jyu-201711094199.pdf: 790791 bytes, checksum: 598b749b56c3ab220b28a2e2563f7af9 (MD5)\r\nlicense.html: 4304 bytes, checksum: ed3c4d7ba9263db92d7287af51eb0d4e (MD5)\r\n Previous issue date: 2017", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "1 verkkoaineisto (39 sivua)", "language": null, "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.format.mimetype", "value": "application/pdf", "language": null, "element": "format", "qualifier": "mimetype", "schema": "dc"}, {"key": "dc.language.iso", "value": "eng", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "Payment Service Directive", "language": null, "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "PSD2", "language": null, "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "Security architecture", "language": null, "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "Mobile banking", "language": null, "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "maksupalveludirektiivi", "language": null, "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "tietoturva-arkkitehtuuri", "language": null, "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "mobiilipankit", "language": null, "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "Effects of PSD2 on security architecture of mobile banking : a review of literature", "language": null, "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-201711094199", "language": null, "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Pro gradu -tutkielma", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Master\u2019s thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietojenk\u00e4sittelytiede", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.method", "value": "Kirjallisuuskatsaus", "language": null, "element": "subject", "qualifier": "method", "schema": "dc"}, {"key": "dc.date.updated", "value": "2017-11-09T19:11:56Z", "language": "", "element": "date", "qualifier": "updated", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": "fi", "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": null, "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "verkkomaksaminen", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "varmenteet", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "salaus", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "kyberturvallisuus", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "maksupalvelut", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "direktiivit", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "mobiilisovellukset", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "j\u00e4rjestelm\u00e4arkkitehtuuri", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "sovelluskehykset", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.format.content", "value": "fulltext", "language": null, "element": "format", "qualifier": "content", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}, {"key": "dc.type.okm", "value": "G2", "language": null, "element": "type", "qualifier": "okm", "schema": "dc"}]
id jyx.123456789_55818
language eng
last_indexed 2025-02-18T10:55:24Z
main_date 2017-01-01T00:00:00Z
main_date_str 2017
online_boolean 1
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/296c0fbd-eb50-4913-b486-2118c4b0d435\/download","text":"URN:NBN:fi:jyu-201711094199.pdf","source":"jyx","mediaType":"application\/pdf"}
publishDate 2017
record_format qdc
source_str_mv jyx
spellingShingle Kaipainen, Lauri Effects of PSD2 on security architecture of mobile banking : a review of literature Payment Service Directive PSD2 Security architecture Mobile banking maksupalveludirektiivi tietoturva-arkkitehtuuri mobiilipankit Tietojenkäsittelytiede Kirjallisuuskatsaus 601 verkkomaksaminen varmenteet salaus tietoturva kyberturvallisuus maksupalvelut direktiivit mobiilisovellukset järjestelmäarkkitehtuuri sovelluskehykset
title Effects of PSD2 on security architecture of mobile banking : a review of literature
title_full Effects of PSD2 on security architecture of mobile banking : a review of literature
title_fullStr Effects of PSD2 on security architecture of mobile banking : a review of literature Effects of PSD2 on security architecture of mobile banking : a review of literature
title_full_unstemmed Effects of PSD2 on security architecture of mobile banking : a review of literature Effects of PSD2 on security architecture of mobile banking : a review of literature
title_short Effects of PSD2 on security architecture of mobile banking
title_sort effects of psd2 on security architecture of mobile banking a review of literature
title_sub a review of literature
title_txtP Effects of PSD2 on security architecture of mobile banking : a review of literature
topic Payment Service Directive PSD2 Security architecture Mobile banking maksupalveludirektiivi tietoturva-arkkitehtuuri mobiilipankit Tietojenkäsittelytiede Kirjallisuuskatsaus 601 verkkomaksaminen varmenteet salaus tietoturva kyberturvallisuus maksupalvelut direktiivit mobiilisovellukset järjestelmäarkkitehtuuri sovelluskehykset
topic_facet 601 Kirjallisuuskatsaus Mobile banking PSD2 Payment Service Directive Security architecture Tietojenkäsittelytiede direktiivit järjestelmäarkkitehtuuri kyberturvallisuus maksupalveludirektiivi maksupalvelut mobiilipankit mobiilisovellukset salaus sovelluskehykset tietoturva tietoturva-arkkitehtuuri varmenteet verkkomaksaminen
url https://jyx.jyu.fi/handle/123456789/55818 http://www.urn.fi/URN:NBN:fi:jyu-201711094199
work_keys_str_mv AT kaipainenlauri effectsofpsd2onsecurityarchitectureofmobilebankingareviewofliterature

Similar Items