Security Compass Adds Support for EBA Security of Internet Payments Guidelines in Latest SD Elements Release

Share Article

SD Elements, a security requirements enterprise management solution now supports the European Banking Authority (EBS) “Security of Internet Payments” guidelines, a critical update for global payment service providers.


With cases of online fraud increasing throughout Europe, and elsewhere around the world, the security of online transactions has never been more critical than it is today

Security Compass, a leading web and mobile application security firm, announces an important update to its SD Elements security management enterprise solution with new built-in support for the European Banking Authority (EBA) “Security of Internet Payments” guidelines.

“The EBA’s new standards for online payments are an important regulatory change for payment service providers in Europe,” said Rohit Sethi, VP of Security Compass and head of its SD Elements division. “With cases of online fraud increasing throughout Europe, and elsewhere around the world, the security of online transactions has never been more critical than it is today. Through our latest update, the SD Elements platform makes it easier for payment service providers and other organizations to not only achieve compliance with the new EBA guidelines, but to also be ready for the higher standards of the upcoming PSD 2 implementation. SD Elements uses the industry’s most robust set of security requirements, so it enables all companies to achieve the highest level of information assurance within their networks and products.”

Announced on December 19, 2014, the EBA’s new guidelines are the minimum security requirements that European Union payment service providers (PSP) must implement. Online fraud is a growing concern to businesses and governments around the world, but in the EU fraud has skyrocketed in recent years. According to estimates cited by the EBA, fraud on card internet payments alone caused €794 million of losses in 2012 (up by 21.2% from the previous year).

The Security of Internet Payments guidelines serve as a transitional regulation before Payment Services Directive 2 (PSD 2) enters into force in 2017/2018. The current guidelines establish key security requirements for all types of online payment transactions, including card payments, direct debit, internet credit transfer and electronic money transfer between e-money accounts.

SD Elements’ new update helps PSPs meet the requirements set forth by the EBA to ensure more secure online transactions. However, the SD Elements platform goes further, by providing the industry’s most comprehensive set of software security requirements, which allows organizations to eliminate up to 97% of high-risk vulnerabilities in their software applications.

Key highlights for SD Elements’ EBA update:

  •     SD Elements now covers all sections of the EBA’s Security of Internet Payments, which have ramifications on secure software development
  •     Specifically, these include sections pertaining to risk control and mitigation, traceability, enrollment for or provision of authentication tools and software, secure customer authentication and login parameters, transaction monitoring, protection of sensitive data, communication security, customer education and customer access to transaction data
  •     SD Elements now provides more than 90 links between its own secure development tasks/tests and the sections/subsections of EBA Security of Internet Payments
  •     It also provides more than 15 particular task amendments to clarify specific requirements of the EBA document

What is SD Elements?

Instead of fixing application flaws after the fact, SD Elements enables developers to create secure code from the start, and prevent vulnerabilities from ever existing – the most cost effective way of mitigating risks. Developers who use SD Elements can reduce high-risk vulnerabilities in their applications by as much as 97%. The platform offers a number of important features, including the industry’s largest database of software security requirements and test cases, detailed reporting, customizable content, task prioritization, code samples, embedded training and constant security updates.

The secure application lifecycle management needs of organizations are increasingly inherent in their everyday life. Compliance (PCI, HIPAA), secure coding, best practices in the software development lifecycle are continually at the forefront of companies’ minds. Working with leading ALM solutions like JIRA, Rally, Team Foundation Server and Tasktop, SD Elements helps development teams create and validate a method of deploying secure software while building security in.


SD Elements is a software security requirements management solution that eliminates up to 97% of high-risk vulnerabilities at the earliest stage of the software development lifecycle. It provides prescriptive, secure coding advice based on your projects application technology, business and compliance drivers. SD Elements can easily scale to thousands of applications allowing centralized information security teams to positively influence software development across the organization with minimal process change. SD Elements eliminates security vulnerabilities before scanning begins – the most cost effective way of mitigating risks. Website:


Headquartered in Toronto, Security Compass is a leading information security firm specializing in web and mobile application security for Fortune 10s-500s, large financial institutions, energy firms, technology/software providers, media companies, retailers and other businesses. Security Compass guides teams in building customized security blueprints based the industry, software development lifecycle, and business needs to cost-effectively mitigate risks. Its secure application lifecycle management tool, SD Elements, was selected for Ovum's 2014 On the Radar report and recognized by Gartners 2014 Cool Vendors in Application and Endpoint Security report. Website:


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Christine MacDonald
Visit website