EU’s Payment Services Directive (PSD2): What It Is And Why It Mattersby Fintechnews Switzerland September 23, 2016
Recent regulatory changes in Europe, including the Payment Services Directive (PSD2), are set to accelerate payments innovation.
The Payment Services Directive (PSD) was initially adopted by the European Union (EU) in 2007 and aimed at providing a legal framework for all payments made in the region with the purpose of making these faster, more efficient and easier to use for European consumers and payments services providers.
In October 2015, the EU adopted a revised PSD – also referred to as PSD2 – that sought to enhance consumer protection, promote innovation and improve the security of payments services.
PSD2: What is it?
PSD2 is a major policy development expected to impact the payments industry across Europe through: further standardization and interoperability of cards, Internet and mobile payments methods; the reduction of barriers to entry in particular for card and Internet payments providers, driving thus increased competition, innovation and transparency across the European payments market; as well as providing the necessary legal platform for the Single Euro Payments Area (SEPA).
The directive seeks to improve the existing EU rules for electronic payments, while taking into account emerging innovative payment services, such as Internet and mobile payments. It sets out rules concerning:
- Strict security requirements for electronic payments and the protection of consumers’ financial data, guaranteeing safe authentication and reducing the risk of fraud;
- The transparency of conditions and information requirements for payment services;
- The rights and obligations of users and providers of payment services.
The regulation came into effect on January 12, 2016, and EU countries must incorporate it into national law by January 13, 2018.
The new directive brings key changes that include:
Third-party payment initiation: Payment Initiation Service Providers (PISP) will be able to initiate online payments from the payer’s bank account. This will encourage competition in the European payments industry. Accenture estimates PISP services could account for up to 16% of online retail payments by 2020.
The definition of a “payment institution” is extended to new types and categories of players. While the original PSD applied only to transactions occurring within the EU, the PSD2 will extend this scope to “one leg out” transactions.
Third-party account access: The directive will regulate account information service providers (AISPs). These providers act as aggregators of customer payment account information.
Prohibition of card surcharges: The regulation seeks to standardize the different approaches to surcharges on card-based transactions across the EU.
Security of online payments and account access through the introduction of new security requirements for electronic payments and account access, along with new security challenges relating to AISPs and PISPs.
The directive will affect everyone in the shifting payment landscape. This includes banks, fintechs, the PCI (Payment Card Industry) as well as merchants.
PSD2 will bring both challenges and opportunities for European banks. Banks will be required to open up their infrastructure to third parties by offering APIs under the XS2A (access to account) rule. They will be forced to grant them access to their customers’ online account/payment services in a regulated and secure way.
On the other hand, PSD2 presents significant opportunities to grow new revenue streams – by facilitating and monetizing access to raw data and banking services, for instance –, capture customer ownership and process toward an extended ecosystem centered on the “Everyday Bank,” a concept that takes banking to being trusted, indispensable and central to consumers’ everyday activities.
Featured image: Mobile banking concept by Ditty_about_summer, via Shutterstock.com.