Example
If a customer approves a €500 payment to account A, but a remote attacker tries to change the amount to €5,000 or switch the recipient to account B, the transaction must fail. Dynamic linking ensures that any change to the amount or recipient breaks the approval and requires a new, verified confirmation.
This approach helps prevent fraud - even if a login or device is compromised - by making sure each transaction is explicitly authorised by the right person.
What’s Changing with PSD3?
PSD3 is expected to come into effect in 2026, introducing stricter rules around fraud liability and consumer protection. One of the key changes is that banks and payment providers will face greater responsibility if unauthorised transactions occur.
This makes it even more important to prove that the right person approved each action. By combining biometric authentication with dynamic linking, organisations can reduce fraud risk and demonstrate compliance - helping to meet the higher standards set out under PSD3.