Payment Services Directive 2 (PSD2) is a European Union (EU) regulation that came into effect in 2018. It aims to standardize electronic payments across the EU and increase competition within the payments industry. PSD2 requires that all payment providers in the EU, including banks, comply with a range of new rules regarding how they manage customer data and process payments.
Key features of PSD2
Strong Customer Authentication (SCA)
One of the most important aspects of PSD2 is the introduction of Strong Customer Authentication (SCA). SCA is a new security measure that requires customers to provide two or more forms of authentication when making a payment. This might include something the customer knows (such as a password), something they have (such as a mobile phone), or something they are (such as a fingerprint).
Another key feature of PSD2 is the concept of open banking. This means that banks must allow third-party payment providers to access their customers' accounts (with the customer's permission), making it easier for customers to use alternative payment providers and for new players to enter the market.
Payment Services Providers (PSPs)
Under PSD2, Payment Services Providers (PSPs) are categorized into three types:
- Account Information Service Providers (AISPs): These providers can access a customer's account information (with the customer's permission) and provide information to the customer about their account.
- Payment Initiation Service Providers (PISPs): These providers can initiate payments on behalf of a customer (with the customer's permission).
- Card Payment Providers (CPPs): These providers offer payment services that use a card as the payment instrument.
Why is PSD2 important?
PSD2 is important because it seeks to address a number of issues within the payments industry. For example, it will make it easier for customers to use alternative payment providers, which should increase competition and drive down prices. It will also make it easier for customers to access their account information and make payments more securely.
How to become PSD2 compliant
If you are a PSP, you must become PSD2 compliant to continue operating in the EU. To become compliant, you must meet a range of new rules and regulations related to customer data management and payment processing. You will also need to implement SCA and allow third-party payment providers access to your customers' accounts (with the customer's permission). If you are unsure about how to become PSD2 compliant, you should seek expert advice from a payments industry professional.