PSD2 – What does really change?
With the adoption of the revised payments directive (PSD2), the European Parliament mandated a revolution in the european payment industry. Under the new regulation, the playing field is finally level for startups in the FinTech space to play a more important role.
Often though, we hear the same question: What does really change?
What you will find here below is the summary of the FIVE main topics the new regulation brings to the table, with commentary on the far reaching impact for our industry.
- Extension of scope beyond Europe and in the definition of a “Payment Institution.”
- Account Information Service Providers
- Payment Initiation Service Providers
- Prohibition of card surcharges
- Security of online payments and account access
Extension of scope beyond Europe and in the definition of a “Payment Institution.”
The PSD2 expands the reach of the original PSD, including also what is referred to as “one leg out” transactions: transactions where at least one (and not anymore both) party is located within EU borders.
The PSD2 also extends the definition of “Payment Institution” to new types and categories of players.
Third-party account access
The main scope of the PSD2 is to encourage new players to enter the payment market, and it does this by mandating banks to “open up the bank account” to external parties. These Third Party Players (TPP) are divided in two types:
- Account Information Service Providers (AISPs)
- Payment Initiation Service Providers (PISPs)
AISPs are providers that can connect to bank accounts and retrieve information from them. A typical example of this would be an investment recommendation service: the service will be able to see how much money a user is saving each month from his income, and provide tailored advice based on his spending patterns.
PISPs are players that can initiate payment transactions. This is a radical change in this industry, as currently there are not many payment options that can take money from one’s account and send them elsewhere. Currently we only have (SEPA) Credit Transfers and debit cards, which are both offered only by the account holder’s own bank. In the future we will probably see several different payment options that can move money from the account, without the need of using a wallet (eg: Paypal)
Prohibition of card surcharges
The original directive left it up to each country to decide upon surcharging of card payments, creating a scattered european landscape in which some countries banned this practice and some others allowed it. PSD2 seeks to standardize the different approaches to surcharges on card-based transactions, which will be not allowed for those consumer cards affected by the Interchange Fee cap.
Security of online payments and account access
Allowing new players to have access to customers bank accounts is risky business. The regulator therefore introduced new security requirements for electronic payments and account access, along with new security challenges relating to AISPs and PISPs.
So what changes are we expecting and who gains the most with this new regulation?
Banks have to adapt. Currently bank accounts are siloed and, with a few exceptions, banks do not grant access to the information stored in customer accounts. Under the new regulation, they are asked to “open up”, but the burden of developing technical solutions is on the banks themselves, creating the APIs that everyone is talking about.
The Payment Initiation Service Providers (PISPs) stand to gain the most. They have the chance to eat the proverbial “free lunch” by taking it from the Banks (if the banks do nothing, obviously) and walk away with a piece of the pie, too.
Users, as often is the case when competition is encouraged, will gain the most. New services will arise in the form of payment methods, intelligence on how to better use each one’s savings, and reusing identification capabilities. The most typical example of payment methods that could become popular is the connection with social networks. Services that enable to send payments directly from messaging apps are already popular in the US, where Venmo stands ahead of the pack, and pleasing investors with steady double digit growth. In Europe we currently don’t have such an example, but by opening up the bank account, players can merge the benefits of instant settlement with the speed of internet messaging. In a couple of years we will be able to ask our colleague to share the bill for lunch and get a notification on facebook that the funds are ready to use, safe in our bank account. The main difference will be that we won’t need wallets anymore (eg: Paypal, PingIt) but we’ll simply ask Whatsapp to connect to our bank account and use our fingerprint to accept a payment request from the colleague next door. No need to open 3 different apps, fiddle with 20+ digit long IBAN codes and double check at the cubicle if the payment arrived alright.