Skip to Content
Whole SectionText only Print Print Manager Link


Where any of the elements of authentication or the authentication code is used through a multi-purpose device including mobile phones and tablets, the AISP and PISP must adopt security measures to mitigate the risk resulting from the multi-purpose device being compromised. The mitigating measures must include each of the following:

(a) the use of separated secure execution environments through the software installed inside the multi-purpose device; and
(b) mechanisms to ensure that the software or device has not been altered by the payer or by a third party or mechanisms to mitigate the consequences of such alteration where this has taken place.
Added: December 2018
(1 Version)
Dec 1 2018 onwards
Back to top