Scenario 7. PSD2 Rule

The scenario showcases PSD2 Trust & Exemption. Beneficiaries that are not yet trusted are challenged; beneficiaries that are already trusted are not challenged.

Scenario actor: Glenn GOULD

About this scenario - requests

The scenario consists of eight requests that are sent to Risk Analytics. In the first two requests (RA_0700.a. and RA_0700.b.), Glenn GOULD successfully logs in to her banking application.

Glenn GOULD proceeds with trusting beneficiary Teddy TANGO in request RA_0701.a. to avoid being challenged on each monetary transfer to him.

Glenn GOULD continues with a number of monetary transfers. The first transaction request RA_0702.a. to Teddy TANGO proceeds unchallenged. A second request RA_0702.b. to Ursula ULESKI gets challenged (response code: Challenge, Response = 2) as she is not a trusted beneficiary. A third request RA_0702.c. to Teddy TANGO again proceeds unchallenged.

Glenn GOULD then removes Teddy TANGO as a trusted beneficiary in request RA_0703.a., resulting in the next transaction request RA_0703.b. to Teddy TANGO to be challenged as well (response code: Challenge, Response = 2).


To analyse the rules triggered and alerts raised for the scenario, log on to Risk Analytics Presentation Service and navigate to SUPERVISE & INVESTIGATE > My Alerts.

There are no alerts for PSD2 rules. This is intentional.

Walkthrough: Verify related request of the event type and corresponding values

To verify the request related to an event type and the corresponding values, follow these steps:

Verify related request of the event type and corresponding values

  1. Navigate to SUPERVISE & INVESTIGATE > Risk & Relationship management.
  2. In the navigation pane on the left, in Search Customers By > Relationship, enter Glenn GOULD in the Relationship Reference field.
  3. Click SEARCH.

    Glenn GOULD is now displayed in the updated Customer portfolio panel.

  4. Select the Glenn GOULD name link to display the customer details and events related to Glenn GOULD.
  5. Sort the Events table by newest date/time (Date column, descending) and filter the Matches column on RA_07.
  6. The Type column shows to which event type the request is related (NewBeneficiaryAttempt, RemoveBeneficiaryAttempt, and ExternalTransfer).
  7. The Response column includes the value 2 (= CHALLENGE) for no exemption cases, and 0 (= ACCEPT) for exemption of trusted beneficiaries.