In Germany, the cashless payments made each year total more than EUR 50 trillion -- a figure many times larger than the gross domestic product of the entire country.

The security of the IT systems involved in such transactions has thus always been a high priority. Today, chip-based procedures facilitate the simple and secure processing of cashless card payments at the point of sale in retail settings. Meanwhile, modern two-factor authentication solutions like the chipTAN procedure safeguard applications in online banking.

In recent years, the increasing trend towards e-commerce has given rise to the need for new, online-based payment methods. Retailers and customers alike therefore have to determine the level of security they can expect from an ever-growing list of different payment procedures offered by numerous (often unfamiliar) providers. As part of the greater efforts now being made by Germany's legislators to respond to this situation, more and more legal and regulatory requirements have been established at both the national and European level regarding IT security measures for electronic payment transactions.

In evaluating IT systems used in the context of such payment transactions, the BSI elaborates on the technical details of these requirements in the form of specification papers, which it plans to develop further into Technical Guidelines. In this way, the BSI offers orientation to both the providers of payment procedures and their customers in an area that often seems like a maze of very different technologies, protocols, and standards.