PSD2: What is It? Why it’s Important + How to Be Compliant
Beginning in January 2018 some important changes happened in European regulations for electronic payment services. The regulation is called PSD2 and it’s designed to:
- Make payments more secure in Europe
- Help banking services adapt to new technologies
- Boost innovation
With PSD2, the importance of Application Program Interfaces (APIs) in various financial sectors is increasingly evident.
But what exactly is PSD2 and what does it mean for your e-commerce business?
Read on to learn all about PSD2 — what it does, why it’s important, and how to make sure your business is compliant.
Table of contents
- What is PSD2?
- Why is PSD2 important?
- What changes and benefits come with PSD2?
- Make your e-commerce store PSD2 compliant with 3D Secure 2.0
- PSD2 implementation and MONEI
What is PSD2?
The original Payment Service Providers Directive (PSD) began in 2007 and aimed to promote innovation, competition, and efficiency in the European Union by contributing to the development of a single payment market in the region.
The European Commission proposed an amendment to PSD in 2013 (that’s when the two was added to PSD) to strengthen the objectives of the original legislation.
PSD2 came into force between January 13, 2018, and September 14, 2019, and strives to boost competition and innovation in the electronic payment sector, reinforce security in the payments market, improve customer protection, and facilitate the development of new methods of payment and e-commerce.
Is PSD2 the same as online banking?
This regulation changes online transactions and banking, making online transactions more secure and creating new business opportunities in the world of online banking. PSD2 allows third-party access to customers’ payment accounts with their permission. Until now, this information has been limited to just financial institutions. This opens up the potential for new business models using this financial data. For example, third parties can better assess consumers’ creditworthiness by analyzing their financial information. PSD2 will change the face of online banking, but the regulation encompasses more than just online banking.
Why is PSD2 important?
PSD2 has the power to transform banking and financial services — it will be easier to create new payment methods and make them more secure.
Banks are opening their payment services to other companies or Third Party Payment Service Providers (TPPs), which is forming the foundation for an open banking environment. This allows customers to seamlessly manage and move money around. And it also creates new opportunities for companies to build platforms that help customers better manage their money and make payments.
What changes and benefits come with PSD2?
All the changes that will come with PSD2 are still unclear, but banks opening their payment services to TPPs is causing the most disruption, so let's start there:
PSD2 and TPPs
Two types of services that already existed when the first PSD was implemented in 2007 are still regulated and harmonized by PSD2 — and they have become more popular in recent years:
1. Payment Initiation Services (PIS)
PIS is when other providers use online banking to facilitate online payments. A TPP can initiate a payment from the consumer’s account to the merchant’s account thanks to an interface that bridges both accounts. It fills in the information needed for the bank transfer (transaction amount, account number, etc.), and sends transaction confirmation to the store.
PSD2 also lets customers make payments to a third party from a bank’s app using any of their accounts, regardless of whether the bank or financial institution the accounts belong to.
2. Account Information Services (AIS)
AIS includes collecting and storing information from a customer’s various bank accounts in a single place, giving customers a global view of their financial situation so they can quickly analyze their expenses and financial needs.
Before PSD2, TPPs experienced many challenges preventing them from scaling solutions in European Union countries. It’s expected that by removing these barriers, competition will flourish with the arrival of new players. But compliance with the same rules as traditional payment service providers (PSPs) is required, including registration, authorization, and supervision by authorities.
PSD2 and SCA
Another key development in PSD2 is the introduction of Strong Customer Authentication (SCA), a security requirement for payments made online or through payment apps.
This involves authentication based on the use of two or more of these elements:
- Knowledge. Something only the user/customer knows
- Possession. Something only the user/customer possesses.
- Inherence. Something the user/customer is.
These must be independent of one another so the breach of one does not compromise the reliability of the others. SCA is designed to protect the confidentiality of the authentication data.
PSD2 and consumers
With PSD2, customers can have a more seamless banking experience by managing all their money in one place through an open banking platform. Applying for loans will be easier for customers because creditors can view their banking data with their permission. People with insufficient traditional credit histories can benefit from this by getting loans they may not have been approved for previously.
And for online purchases, the way customers authorize their purchases changes. Card number, expiration date, and CVV will no longer be valid factors for authentication. Instead, authentication methods like 3D Secure are used (more on this later).
PSD2 and existing legislation
There are over 100 articles in PSD2. Some of the most significant changes to existing legislation include the following:
- Extend the geographical reach of the legislation. If either party in a transaction, the bank, or the customer, is part of the EU the regulations apply to both parties.
- Implement customer authentication. The legislation deals with fraud by mandating account holder authentication tools for all electronic payment operations. Payment service providers and financial institutions must use two-factor authentication, also known as Strong Customer Authentication, or SCA.
- Recognize payment service providers. Proven innovators in the digital payment space are empowered to access an official registration system where they can get operational licenses to directly access bank data with explicit customer consent.
Make your e-commerce store PSD2 compliant with 3D Secure 2.0
Now that you understand what PSD2 is, you’re probably wondering how to comply while accepting payments in your business. Luckily, with MONEI as your PSP, payment security is handled for you. MONEI has 3D Secure 2.0. payments technology — there’s an extra layer of protection for both the cardholder and your business during online transactions.
Some of the benefits of using 3D Secure include:
- Reduced risk of fraud. Additional layers of security protect customers from online fraud.
- More protection for your business and customers. The customer's card information has additional protection. Merchants have additional protection against chargebacks. It’s a win-win.
- Improved customer experience. Happier customers lead to more sales.
- More international transactions. Expand your e-commerce business across borders — reach customers in more countries with added security.
- Be PSD2 compliant. 3D Secure 2.0 takes care of many of the requirements to be compliant.
💡Pro Tip: Learn how you can configure or change 3D Secure authentication settings in your MONEI account.
PSD2 implementation and MONEI
The result of PSD2 is a more integrated European payment market, ensuring online payments are safer and more secure, protecting you and your customers. To ensure that your e-commerce transactions are PSD2 compliant, it’s recommended that you implement 3D Secure authentication and we can help you with this.
You may also like to read
- What is a Payment Gateway? (+ Compare Options)
- What is 3D Secure? And Its Advantages for E-commerce
- What is Tokenization? And its Benefits for E-commerce
What is the meaning of PSD2?
Simply put, Payment Services Directive Two (PSD2) is a piece of legislation designed to enforce new regulations around third-party involvement and force payment service providers to improve customer authentication processes.
What is the PSD2 payment method?
PSD2 is not technically a payment method. It’s a regulation for electronic payment services in Europe. It aims to make payments more secure, increase innovation, and help banking services adapt to new technologies.
What are PSD2 requirements?
PSD2 requires all Third Party Payment Providers (TPPs) to be authorized and regulated. Their activities are monitored and supervised by the relevant authorities.
What is PSD2 regulation in Spain?
PSD2 in Spain has an additional regulation on surcharges. Merchants are banned from requesting extra charges for customer payments.
What are PSD2 requirements EU?
PSD2 requires banks to implement multi-factor authentication to protect consumers. Two of these three authentication factors must be used:
What is PSD2 in Europe open banking?
PSD2 is the revised Payment Services Directive. It’s a European regulation that requires banks to create systems to enable Third Party Payment Providers (TPPs) to work securely, reliably, and quickly with the bank’s services and data on behalf of and with the consent of its customers.
Alexis Damen is the Head of Content at MONEI. She loves breaking down complex topics about payments, e-commerce, and retail to help merchants succeed (with MONEI as their payments partner, of course).