The upcoming PSD3/PSR1 regulation introduces stricter requirements for Strong Customer Authentication (SCA). One of the most notable changes is the requirement to provide authentication methods that do not depend on smartphone possession.
This rule aims to increase inclusivity and accessibility in financial services and ensure that banks cannot force customers to rely on a single authentication method, such as a smartphone.
Specifically, the regulation states:
Payment services providers shall not make the performance of strong customer authentication dependant on the exclusive use of a single means of authentication and shall not make the performance of strong customer authentication depend, explicitly or implicitly, on the possession of a smartphone. Payment services providers shall develop a diversity of means for application of strong customer authentication to cater for the specific situation of all their customers.
– REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on payment services in the internal market and amending Regulation (EU) No 1093/2010, Article 88 - Accessibility requirements regarding strong customer authentication
Hardware tokens represent an excellent, regulation-compliant alternative to smartphone-based authentication — especially when implemented correctly. And Talisman is a prime example. Built on the FIDO2 standard, it provides robust, standards-based protection for both logins and transaction approvals.
Below are three main reasons why Talisman stands out as the best solution in its category.
Talisman delivers one of the most intuitive user experiences in hardware tokens. As the only authenticator device in the market, it automatically displays transaction details on its screen and seamlessly confirms transactions through its USB-C connection.
Users do not need to rewrite transaction data, scan QR codes, enter OTPs, or input any data manually. Once a user initiates a payment, the transaction data instantly appears on the device. After confirming it with their PIN code, the transaction is securely authorized within the banking system.
Talisman requires no software installation or drivers. It works out of the box, leveraging the native FIDO2 support built into all major browsers and operating systems. Users simply plug in the USB-C device, set up a personal PIN code, and link it to their bank account. It’s a zero-friction experience for users and requires minimal support effort from banks.
Unlike SMS OTPs, which can be intercepted or redirected, and even mobile apps, which are vulnerable to authorized push payment (APP) fraud, Talisman offers true phishing resistance. Each authentication or transaction confirmation is cryptographically bound to the domain for which the device was initially registered, preventing usage on phishing or scam websites.
Even More Advantages for Banks
While the points above focus on the end-user experience, Talisman also provides significant operational and compliance benefits to the financial institutions. For example:
Hassle-Free Shipping, Simple Logistics
Talismans are compact, durable, and easy to ship. Also, Talismans are not personalized, so you can keep them at branches or ship them via standard post.
User Self-Service, Automated Life-Cycle Management
Users can personalize and self-register their Talismans. Once you distribute the devices, our backend systems handle the rest, including device registrations or blocking.
Straightforward Integration, No Vendor Lock-In
Talisman works with standard FIDO2 documentation — no proprietary components are required. Banks can use any compatible FIDO2 authenticator or device-bound passkey if they choose to.
Flexible Commercial Terms
Depending on your needs, Talismans are available as a one-off purchase or subscription model.
Interested in trying Talisman?
Request a free sample or schedule a call with our team to explore how Talisman can help you achieve PSD3/PSR1 compliance with an elegant, user-friendly, and future-proof authentication solution.
.webp)