SDK integration: How is it possible to ensure that the UI maintains its integrity whilst performing the customisations and modifications necessary to perform SCA?

As defined in article 5 of the RTS a payment service provider is required to verify the [integrity], [authenticity] and [confidentiality] of the information shown to the customer through the entire payment process. From this it follows that when transaction data is validated by the customer it is very important to detect attempts at tampering with what is shown. Tampering can happen by malware taking control of the application and modifying the transaction details, or using overlays or floating windows to trick the customer into approving fraudulent transactions.<br/><br/>

There are two types of mechanisms that can protect against this type of attack:<br/><br/>

Passive mechanisms, such as checking for SYSTEM windows using services provided by the operating system;<br/><br/>

Active detection, where the content of what is shown to the user is verified using a digital watermark and a screenshot as the transaction is verified.<br/><br/>

By having the authentication code be part of the watermark the display itself is verified as part of the [Dynamic Linking] process.<br/><br/>

A challenge here is that there is a natural conflict between the priorities set by “high security” and “advanced user interface”: With high security you want to control everything shown on the screen, making sure that what the customer sees is valid, which can conflict with having a fluid and dynamic user interface. But, it is important to choose a system that can actually help protect the user interface, not just what happens in the background. If that system can let you use a dynamically defined user interface which is fully in control of you as a payment service provider it is even better.<br/><br/>

Attacks on the user interface can happen on all mobile operating systems, as well as on Windows and OSX.