{"id":362,"date":"2019-09-16T11:08:32","date_gmt":"2019-09-16T10:08:32","guid":{"rendered":"https:\/\/psd2meniet.nl\/?p=362"},"modified":"2019-09-17T20:21:39","modified_gmt":"2019-09-17T19:21:39","slug":"koudwatervrees-triodosbank","status":"publish","type":"post","link":"https:\/\/psd2meniet.nl\/en\/koudwatervrees-triodosbank\/","title":{"rendered":"Cold snap Triodos Bank"},"content":{"rendered":"<p>Customers of the Triodos Bank received on Monday September 9th the opportunity to receive a <a rel=\"noreferrer noopener\" aria-label=\"padlock (opens in a new tab)\" href=\"https:\/\/www.triodos.nl\/service\/particulieren\/bankieren\/psd2\" target=\"_blank\">padlock<\/a> to shield their accounts. Within a week, the Triodos Bank removed the padlock. You don't just develop a service like that. A case of cold feet or clever marketing? <\/p>\n\n\n\n<p>The PSD2 is <a class=\"info-marker\" data-info=\"Het voorstel van de Europese richtlijn nr. 2015\/2366 betreffende betalingsdiensten in de interne markt (PSD II) is al van 25 november 2015. Een Europese Richtlijn moet worden opgenomen in nationale wetgeving. In Nederland wordt de PSD2 opgenomen in de 'Implementatiewet herziene richtlijn betaaldiensten'(Kamerdossier 34.813). Met deze implementatiewet worden de Wet op het financieel toezicht, de Wet bekostiging financieel toezicht, het Burgerlijk Wetboek, de Wet handhaving consumentenbescherming en de Uitvoeringswet Algemene verordening gegevensbescherming gewijzigd. Het wetsvoorstel is op 11 september 2018 aangenomen door de Tweede Kamer en op 4 december door de Eerste Kamer.\">in force for some time<span class=\"icon\"><\/span><\/a>. The fact that banks now inform their customers is because as of 14 September <a class=\"info-marker\" data-info=\"Voordat de PSD2 uitgevoerd kan worden moeten financi\u00eble dienstverleners afspraken maken over hoe zij de diensten en transacties technisch gaan uitvoeren. Hier worden meerdere Guidelines en Regulatory Technical Standards (RTS) voor ontwikkeld. Een belangrijke RTS, die over Strong Customer Authentication &amp; Secure Communication under PSD2, trad afgelopen 14 september in werking. <\/p><p>Link naar overzicht guidelines en RTS: https:\/\/www.toezicht.dnb.nl\/2\/50-236929.jsp. Link naar de RTS over de sterke clientauthenticatie https:\/\/www.eba.europa.eu\/regulation-and-policy\/payment-services-and-electronic-money\/regulatory-technical-standards-on-strong-customer-authentication-and-secure-communication-under-psd2.\">technical agreements in force.<span class=\"icon\"><\/span><\/a>  With this RTS, PSD2 service providers can actually start offering their services. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Triodos gives customers a padlock<\/h2>\n\n\n\n<p>In its newsletter of 9 September, Triodosbank introduced the 'Shield account' option in Mobile or Internet Banking. This enabled a consumer to <a class=\"info-marker\" data-info=\"de term 'bewust' is afkomstig van de Tridosbank.\"> deliberate choice <span class=\"icon\"><\/span><\/a> to completely shield a checking account with a kind of 'extra' padlock in the form of a simple slide. If you give permission to use a PSD2 service, you should also remove this padlock.  Earlier, Volksbank (with the brands SNS bank, ASN Bank and Regiobank) came up with <a rel=\"noreferrer noopener\" href=\"https:\/\/www.devolksbank.nl\/verantwoord-ondernemen\/data-privacy\/hoe-wij-ons-sterk-maken-voor-privacy\" target=\"_blank\">a main switch<\/a>. Also <a rel=\"noreferrer noopener\" href=\"https:\/\/www.consumentenbond.nl\/nieuws\/2018\/tweede-kamer-zorg-bij-psd2-voor-extra-veiligheidsslot\" target=\"_blank\">pleaded the Consumers' Association<\/a> before for extra protection. With this 'main switch' a customer can close his payment account completely for PSD2 service providers, or choose to open the account.  <\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p> Extra option: Shield account <\/p><cite>\"In Internet and Mobile Banking you have the possibility to turn on 'Shield account'. If you enable this option, no other party will have access to your account. If you want to give a party access anyway, this is only possible when you disable 'Block account'. (source: Triodosbank newsletter 9 September 2019) <\/cite><\/blockquote>\n\n\n\n<p>In both cases, the protection is limited and can be used only once. As soon as you give a provider permission to use your payment details, the extra protection is removed. However, it is possible to revoke all your permissions at once.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Padlock turns out to be dead sparrow<\/h2>\n\n\n\n<p>After four days Triodosbank deactivated the Account Shielding option. Triodos gives as a reason \"The legislation and regulations surrounding this subject are relatively new and further clarification on how this extra protection fits in with this appears to be necessary\".<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"918\" height=\"349\" src=\"https:\/\/psd2meniet.nl\/wp-content\/uploads\/2019\/09\/afbeelding.png\" alt=\"\" class=\"wp-image-364\" srcset=\"https:\/\/psd2meniet.nl\/wp-content\/uploads\/2019\/09\/afbeelding.png 918w, https:\/\/psd2meniet.nl\/wp-content\/uploads\/2019\/09\/afbeelding-300x114.png 300w, https:\/\/psd2meniet.nl\/wp-content\/uploads\/2019\/09\/afbeelding-768x292.png 768w, https:\/\/psd2meniet.nl\/wp-content\/uploads\/2019\/09\/afbeelding-100x38.png 100w\" sizes=\"(max-width: 918px) 100vw, 918px\" \/><figcaption> Deactivation on 13 September 'Shielding account'. <\/figcaption><\/figure>\n\n\n\n<p>Does this communication suggest that Triodos is assuming that ring-fencing of the account will become possible again? Privacy First would welcome this. The freely given consent is under pressure. An extra step can contribute to a <a href=\"https:\/\/autoriteitpersoonsgegevens.nl\/nl\/onderwerpen\/financien\/betaaldiensten#faq\">high-quality consent<\/a> where a consumer actually makes an informed and conscious choice of his own. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Update 17 September: additional information Tridos<\/h4>\n\n\n\n<p>Triodos was asked for more information on 16 September. On 17 September we received the following response:<\/p>\n\n\n\n<p>Q: How many customers have made use of the account shielding feature? <br>A: <em>We had only offered the facility for a short time, so it was too early to give a complete picture of the interest, but we did see that customers responded positively. We had also received signals earlier that there was a clear need among customers for an option to add an extra warning.<\/em><\/p>\n\n\n\n<p>Q: What prompted the Triodos Bank to develop the padlock and then deactivate it? You don't set up such a protection just like that, it costs the necessary resources. <br>A: <em>Because we regularly receive questions from customers about the protection of their account details, we look at how we can offer this extra protection. The laws and regulations surrounding this subject are relatively new and further clarification on how this extra protection fits in is necessary. Until this clarification has been completed, we choose not to offer this extra padlock.<\/em><\/p>\n\n\n\n<p>Q: The Volksbank has a similar possibility, the 'main switch'. They have indicated several times that they may want to litigate. Why didn't you take this route? <br>A: <em>Each company is responsible for interpreting the laws and regulations and their application. Because we regularly receive questions from customers about the protection of their account details, we look at how we can offer extra protection. As soon as we have more information about the possibility of extra protection for a payment account, we inform our customers.<\/em><\/p>\n\n\n\n<p>Q: The announcement referred to a 'conscious choice' for extra security. Now that this protection is gone, what signal does that give about the protection offered by the PSD2? <br>A: <em>It is important to know that customer account details are and remain protected. Customers always give their express permission to share data with third parties and use their identifier for this purpose. The 'Shield account' option was an extra service that enabled customers to completely shield a payment account with a kind of 'extra' padlock. This gives a customer an extra reminder when they are tempted to share data with third parties, because they first have to remove that extra padlock before they give permission. In all cases it is up to the customer. <\/em><\/p>","protected":false},"excerpt":{"rendered":"<p>Customers of the Triodos Bank received on Monday September 9th the opportunity to apply a 'padlock' to their ... <\/p>\n<div><a href=\"https:\/\/psd2meniet.nl\/en\/koudwatervrees-triodosbank\/\" class=\"more-link\">Read More<\/a><\/div>","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[],"featured_image_urls_v2":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","trp-custom-language-flag":"","post-thumbnail":"","entry":"","entry-cropped":"","entry-fullwidth":"","entry-cropped-fullwidth":""},"post_excerpt_stackable_v2":"<p>Klanten van de Triodosbank ontvingen op maandag 9 september de mogelijkheid om een &#8216;hangslot&#8217; aan te brengen om hun rekening af te schermen. Binnen een week verwijderde de Triodosbank het hangslot. Een dergelijke dienst ontwikkel je niet zomaar. Een gevalletje koudwatervrees of slimme marketing? De PSD2 is al enige tijd van kracht. Dat banken hun klanten nu informeren komt doordat vanaf 14 september technische afspraken van kracht zijn. Met deze RTS kunnen PSD2 dienstverleners daadwerkelijk hun diensten gaan aanbieden. Triodos geeft klanten een hangslot In haar nieuwsbrief van 9 september introduceerde de Triodosbank de optie &#8216;Rekening afschermen&#8217; in Mobiel of&hellip;<\/p>\n","category_list_v2":"<a href=\"https:\/\/psd2meniet.nl\/en\/category\/opinie\/\" rel=\"category tag\">opinie<\/a>","author_info_v2":{"name":"Martijn van der Veen","url":"https:\/\/psd2meniet.nl\/en\/author\/martijn\/"},"comments_num_v2":"1 comment","_links":{"self":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts\/362"}],"collection":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/comments?post=362"}],"version-history":[{"count":9,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts\/362\/revisions"}],"predecessor-version":[{"id":427,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/posts\/362\/revisions\/427"}],"wp:attachment":[{"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/media?parent=362"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/categories?post=362"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/psd2meniet.nl\/en\/wp-json\/wp\/v2\/tags?post=362"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}