Article 6 Requirements of the elements categorised as knowledge

Payment service providers shall adopt measures to mitigate the risk that the elements of strong customer authentication categorised as knowledge are uncovered by, or disclosed to, unauthorised parties.

The use by the payer of those elements shall be subject to mitigation measures in order to prevent their disclosure to unauthorised parties.