Take a look at the beta version of dw.com. We're not done yet! Your opinion can help us make it better.
The European Union has unveiled plans to make customer authentication securer. It will soon no longer be enough to just provide a password or credit card number when making an online payment.
The European Commission on Monday unveiled new plans to "modernize Europe's payment services" and improve customer authentication online.
According to the framework, from next year online shoppers in Europe will require at least two independent items to confirm their identity before making a payment. One would be a physical item, such as a card or mobile phone, the other a password or biometric feature like a thumbprint.
Read more: Fintech minnows swim with banking whales
The Commission anticipates that the new payment solution will largely be provided by third party providers, commonly referred to as FinTech companies. Any bank offering online access to accounts will be required to work with FinTech companies in providing these new services.
Valdis Dombrovskis, the European Commission vice president and also in charge of Financial Stability, Financial Services and Capital Markets Unions, said: "These new rules will guide all market players, old and new, to offer better payment services to consumers while ensuring their security."
The Commission said that the new framework, developed in partnership with the European Banking Authority and the European Central Bank, would "significantly reduce currentfraud levels for all payment methods, especially online payments," as well as protect users' financial data.
However, exceptions will remain in place for small payments and transactions, similar to those that currently exist for contactless card payments.
Alongside the increased security provisions, the Commission also announced new rules that would allow users to aggregate information from various bank accounts in one application.
The European Parliament and Council now have three months to scrutinize the new regulations and, if approved, they would be published in the EU official journal. Banks and payment service providers would then have 18 months to put the new security measures in place.