BIB education


Fintech Security

  • Banking and financial courses

Why is it important?

As of early 2018, European Union directive PSD2, the Revised Payment Services Directive is in effect. The open banking API-based directive will bring a fundamental change to the structure of the financial sector. 
In PSD2 trainings, security is often pushed into the background, although it is one of the major components of the directive. In our two-day training, we will answer the following PSD2 security-related questions:
  • What points of attack are there for hackers regarding PSD2, and how can these be handled at the management level?
  • What information security requirements does PSD2 pose? How can conformity be ensured?
  • What IT security practices and methods can be used the most effectively in the financial sector? Which relate to the directive the closest?

Course content

The course introduces the principles of the PSD2 directive, the effect of open banking API on stakeholders (banks, financial providers, customers). It presents the IT security aspects of PSD2 at the management level (SCA, risk management, incident management). It explains the primary points of attack relevant to the stakeholders. Based on decades of security experience, suggestions and methodologies are formulated to eliminate PSD2-related IT security risks. 

Course objectives are

• To provide participants with a theoretical and practical knowledge that enables them to be completely ready to make professional banking security decisions in bank and PSD2-related projects.
• To provide theoretical and practical knowledge that can serve as a strong base for the safe PSD2 compliance of participants.
• Arming participants with practically usable methodology and knowledge regarding the prevention and protection against PSD2-related information security risks. 
Who is it recommended to?
• To bank and credit institution fintech project preparation and implementation experts.
• To bank managers who play an active role in the organisation regarding PSD2 compliance.   
• To middle and top managers in the banking IT field who are working on the secure realisation of open banking API based on their work. 
• To bank-related companies that develop fintech solutions who would like to learn more about PSD2 security requirements.

Course schedule 

1. day (Thursday) 
a. PSD2 in a nutshell: The principles, scope, and stakeholders of the directive
b. The long-term effect of PSD2 on market stakeholders: What changes will banks, financial suppliers, and customers experience in the next years?
c. The safety aspects of PSD2 regarding open API: Risk Management, Strong Authentication, Incident Reporting
d. IT security risk management practices regarding PSD2
2. day (Friday)
a. The practical requirements, goals, and safe execution of Strong Customer Authentication
b. Secure and PSD2-compliant managing of bank data-related security incidents and 
c. Monitoring international transactions 
d. Final module: a summary and a short test from the training material


Two-day course.


Lívia Nagy
education organizer
+36 20 391 9445