PSD2: What you need to know

29-01-2019 | Industry news

The ever-evolving world of payments

The world of payments is constantly changing, and the recently reshaped PSD2 law has accelerated developments within the payment and FinTech industry. We love sharing our knowledge, so we decided to ask our IT/Product consultant Borja Gonzalez Hernandez to clarify Payments Service Directive 2, more commonly known as PSD2.

Why has PSD2 developed?

First, let’s introduce Payment Services Directive (PSD), which was adopted in 2007. PSD2 created a single market for payments (credit transfers, direct debits and cards) in the EU. In short, it provided the legal foundation for a Single Euro Payment Area (SEPA).

Since the birth of the PSD, major technological breakthroughs have occurred and the digitalisation of the European economy has steadily advanced.This created a host of new Fintech players and services, particularly within the payments industry, that were outside of the scope of PSD, and therefore not regulated at EU level. And as a result, an update of the PSD was needed.

What is PSD2?

PSD2 is a revised version of the original PSD. Essentially, this means that emerging Fintech players can now be registered, licensed and regulated at EU level.

Its goal is to make payments safer, increase consumers’ protection, foster innovation and competition while ensuring a level playing field for all players, including new ones.

On the basis of PSD2, banks are obliged to share payment data (free of charge) with third parties (service providers without a bank license), but only if the customer explicitly gives permission for this.

What are the major changes (PSD – PSD2)

New players will have access to the consumers’ payment accounts (XS2A)  using APIs, and with the permission of consumers, making it easier for them to provide payments services.

Increased security of Internet payments using Strong Customer Authentication (SCA). 2 or more of the following independent elements will be used: Knowledge (password, PIN…), Possession (card or something only the user possesses) and Inherence (fingerprint, voice recognition…).

For remote transactions, a fourth element, likely to be a unique authentication code, can also be used.

Broader geographical reach: all transactions including those with ‘one leg out’ (at least one party is located within the EU, and no longer both) are in the scope of PSD2, and all official currencies.

How will it affect businesses/banks and Fintech in different areas and regions?

PSD2 is good news for Fintech startups. Big banks will have to significantly invest in revamping legacy systems and services and will look outside for help.

In a nutshell, PDS2 will promote innovation in the payments space because it allows new players access to the likes of XS2A, providing a direct connection between retailers and banks, enabled by APIs.

If you have not seen our video explaining PSD2 check it out here: