The upcoming PSD3 and Payment Services Regulation (PSR) introduce new expectations for how banks and payment service providers approach strong customer authentication (SCA). One of the most significant changes is the requirement to offer an alternative authentication method for users who cannot—or choose not to—use smartphones.
For organizations that have primarily relied on mobile-based authentication, this introduces a clear need to expand their approach.
Rethinking Authentication Beyond the Smartphone
Smartphones have become the default digital identity and access tool, especially in financial services. They’re convenient, personal, and tightly integrated into most authentication flows. But not all users fall neatly into that model.
Not everyone has a smartphone, and even those who do may not feel comfortable using it for sensitive actions. In some corporate environments, using personal devices for authentication is restricted. From a regulatory perspective, offering mobile-only authentication will no longer be sufficient.
Meeting these requirements doesn’t mean rebuilding systems from scratch — but it does require broadening the authentication toolkit.
A Purpose-Built Option for Inclusive, Compliant Authentication
This is where hardware authenticators like Talisman offer a smart, future-ready alternative — explicitly designed to meet the dual demands of regulatory compliance and real-world usability.
Talisman is a FIDO2-based USB hardware token that provides a simple, plug-and-play experience. There are no passwords to remember, no drivers to install, and no smartphone required.
Users can authenticate or approve transactions directly from their desktop browser, including Chrome, Firefox, Edge, and Safari, without additional apps or setup steps.
One standout feature is visual transaction confirmation, which Talisman supports natively. That means no QR codes and no manual re-entry of transaction data — just a fast, intuitive experience for actions like payment approvals or administrative access.
Who Benefits
Hardware tokens like Talisman are not here to replace mobile authentication. Instead, they fill the gaps where mobile options aren’t practical or permitted. They’re especially valuable for:
- Individuals without a smartphone or those who prefer not to use one
- Professionals accessing secure systems from desktop environments
- Roles requiring high-assurance access, such as auditors, executives, or IT admins
- Workplaces with BYOD restrictions, where personal device use is prohibited
The goal in each case is the same: to ensure secure, accessible authentication for all users.
Future-Proofing, Without Overhauling
As PSD3 and PSR reshape the regulatory landscape, financial institutions are rethinking how to balance security, usability, and inclusivity. The shift doesn’t require a complete overhaul but calls for adaptable, standards-based additions to existing authentication strategies.
Talisman represents one such addition: a reliable, compliant, and user-friendly hardware authenticator that extends secure access to all user segments — without adding complexity.
In the end, strong authentication shouldn't depend on what kind of device someone owns. It should just work — for everyone.
.webp)
