In the space of a few years, the payments sector has undergone a rapid and significant evolution: according to a survey, digital transactions have grown by around 50%. It is precisely within this innovative landscape that Europe has taken the decision to regulate the world of new digital payments with new legislation, PSD2.
PSD2 is not the first legislation regarding the world of online payments enacted in Europe, in fact, in 2009 the PSD directive was introduced to regulate payments within the EU. Due to the development of new digital payment systems, the European Commission has recently decided to revise the existing legislation. Thus was born the new PSD2, a law that entered into force on 13 January 2018 which should become mandatory from 14 September 2019 starting from the new SCA and 3DS 2.0 authentication systems. The objectives of PSD2 are clear: to comply with innovative transactions, to increase the protection and safety of users, and to favor the new financial model ” Open Banking” based on a higher level of competitiveness.
Latest updates: PSD2 extension
Latest updates, PSD2 extension: the latest official press release made public on 1 August 2019, reviews the timing of the legislation by taking advantage of an opportunity granted by the European Banking Association (EBA).“In consideration of the complexity of the adjustments, particularly relevant in the field of online card payments, and the need for active involvement of users, on 21 June the European Banking Authority (EBA) recognized the possibility of granting additional time to national authorities, compared to September 14, to allow the completion of the interventions and the adoption of the new authentication tools by all customers, with exclusive reference to the aforementioned category of payments “, this is how Bankitalia communicates its decision at an official level. In fact, the application of the strong authentication rules for online payments (Strong Customer Authentication) – which had to be implemented from 14 September – is postponed to a date to be defined. What are the reasons? Updates in the financial system are considered to be particularly complex. A gradual change is expected to significantly reduce the risk of payment services malfunctioning.
PSD2 what it is and what it entails
Payment Services Directive 2, better known by the acronym PSD2, is the second legislation issued by the European Commission relating to payment services. Entered into force on 13 January 2018, the new directive has the primary objective of making payment management in Europe more secure and convenient.
On the online payment security front, PSD2 will bring important news: starting from 14 September 2019 (with the August extension from a later date to be defined) all e-commerce platforms will have to implement new innovative authentication systems in their payment procedures, such as 3DS 2.0 and SCA. All transactions that do not comply with the new security requirements may, in fact, be rejected by the buyer’s bank. Strong Customer Authentication (SCA) and 3DS 2.0 are innovative security procedures able to guarantee the customer total security. In fact, with the PSD2, every consumer will be able to make payments or access their banking information without having to fear fraud or violations of privacy.
The real innovative feature of PSD2 is the increased competition in the financial sector. Banks and Poste Italiane must necessarily share information relating to their customers with authorized third parties (Third Party Provider – TTP). PSD2 will undoubtedly open the financial market to new entrants. The e-commerce sector, for example, will benefit enormously from the new legislation. In fact, by implementing a complete payment phase in your store, you can offer the consumer an optimal experience.
PSD2 meaning: why did the EU introduce it? The objectives are multiple: to offer more protection and security to customers in the field of digital payments through new authentication methods, to create an Open Banking model by sharing data with authorized third parties, and to optimize the customer experience by simplifying digital transactions processes.
PSD2 Banking: who are the new financial players?
As already mentioned, one of the most revolutionary innovations introduced by the PSD2 regulation concerns the possibility for authorized Third Parties to have access to users’ banking data. In other words, online account holders have the ability to make payments or access their private information through authorized non-banking services.
In order to use the services provided by new players, the so-called Third Party Providers, it is the user himself who must authorize access. The authorization signal is transmitted to the customer’s bank by means of reinforced security mechanisms. In fact, the European Banking Authority (EBA) has made it mandatory to draw up a public electronic register in which all the TTPs authorized to operate payment services in the EU within the PSD2 context will be listed. In this way, each consumer will be able to check if the Financial Player to be authorized is present in the register. By doing so, you will have the security of providing access to your bank details and payment transactions exclusively to certified and effectively approved entities at a regulatory level.
But who are the TTPs? Let’s find out what are the new players in the financial market:
- PISP – Payment Initiation Service Provider
Services that act as an intermediary between the user who has to initiate a payment and his own online account. PISPs take action when initiating a transaction on behalf of the user in favor of a third-party beneficiary. In other words, through the use of intermediary software, PISPs allow you to make an online payment from your account to a seller. The operation is simple: the customer, during the payment procedure, just enter the information required for the online money transfer. The user must then inform the merchant that the payment procedure has been initiated. Through this simple procedure, it is possible to transfer sums of money without using credit cards and bank intermediaries.
- AISP – Account Information Service Provider
Services made available to online account holders: through specific dashboards, the customer will be able to obtain complete information about their accounts. AISPs are more simply services capable of retrieving banking information by connecting to customer accounts. Through AISPs, customers will be able to monitor their investments, analyze their spending behavior and plan each financial investment using a single dashboard.
- CISP – Card Initiation Service Payment
CISPs are issuers of card-based payment methods other than the customer’s bank. The CISP is a tool capable of asking for checks on the availability of money within the card before starting a transaction. The answer that the CISP receives from the bank can be affirmative or negative: it will be affirmative only when the availability of money on the card is sufficient to carry out the requested transaction.
What will change with PSD2?
PSD2 brings with it 5 major improvements in the financial sector:
- Open Banking
As already explained above, the most important and innovative change brought about by the PSD2 regulation undoubtedly concerns the creation of an open banking system. Banks, by sharing their customers’ data with TTPs, will make the financial market more competitive and modern. Customers will benefit greatly from this reform: managing their finances and initiating payments will require less time.
- New safety systems
PSD2 tackles the issue of online payment security in a totally innovative way. To cope with the incessant increase in risks and scams for consumers, the new legislation introduces two new simple and secure authentication systems: 3DS 2.0 and SCA. The 3DS 2.0 system, an evolution of the current 3D Secure, and Strong Customer Authentication (SCA) will significantly improve the security of online transactions. Both security measures must be adopted starting from September 14th, 2019.
- Improvement of the online customer experience
One of the most evident changes brought about by the new European legislation undoubtedly concerns online shopping. By sharing information with authorized third parties, merchants and online stores will be able to implement complete payment procedures on their web pages. European legislation opens the doors to new players in the financial sector: FinTech companies and e-commerce giants such as Amazon or Apple will be able to fully manage the payment processes of their users. The PSD2 will therefore allow the e-commerce sector to optimize the consumer experience by offering a complete service without intermediaries.
- Simplified management of your accounts
Thanks to PSD2, Open Banking, and AISPs, it will be possible to view your accounts within a single dashboard. In fact, it is currently not possible to view the data relating to your account if you have two accounts in separate institutions. With the arrival of Open Banking and AISP services, it will be possible to analyze information from a single channel by implementing your data with new tools capable of analyzing spending behavior or commercial trends. In fact, AISPs make new features available to customers with the aim of optimizing their loans and improving the management of online accounts.
- Significant cost savings for consumers
The PSD2 will make it possible to significantly reduce the costs of payments. With the arrival of PSD2, in fact, interchange fees cannot exceed 0.2% of the value of the debit card payment transaction. As for payments by credit card, the commissions will be limited to 0.3%. Furthermore, the consumer’s deductible will be reduced (from 150 Euros to 50 Euros) to regulate the expenses activated before a possible report of credit card theft. European consumers will therefore be able to derive clear economic benefits from the new PSD2 legislation and reduce their liability in the event of unauthorized payments.