So what security challenges does PSD2 throw up? Traditionally, IT departments and security teams have exerted their time and effort on reinforcing perimeter security, i.e. protecting everything that runs inside the firewall. However, banks have been victims of Man-in-the-Browser (MitB) attacks, a client-side threat that is able to modify transactions while they’re happening in the browser and steal credentials without the end-user’s knowledge. Under Open Banking, data will increasingly be passing through a client (a customer) to an open interface, becoming extremely vulnerable to attacks as there is no way to control the customer’s device, whether that be a mobile phone or a web browser. By facilitating access to customer data, third-party providers also become targets for so-called client-side attacks.
Read more by clicking on link techradar