blog

What does the new Directive on Payment Services (PSD2) Mean for PSPs?

Legal & Regulatory |  December 9, 2015 Frederik Mennes

On October 8th, the European Parliament adopted the revised Directive on Payment Services, also known as PSD2. This new directive, which is the long awaited successor of the first Payment Services Directive from 2007, aims to harmonize the European retail payments market, which is very much fragmented along national borders, and foster the adoption of innovative, easy-to-use and secure payment schemes.

PSD2 is the latest development in a series of European regulatory initiatives aimed at securing Internet payments. These initiatives intend to combat Card-Not-Present (CNP) fraud and increase the confidence of European citizens regarding e-commerce, e-banking and other online activities.

Contrary to the EBA guidelines, national regulatory authorities cannot opt out from PSD2, as it will be translated into national law by the EU Member States. This means also countries such as the UK, who opted out from the EBA guidelines, will be subject to PSD2 and its requirements regarding strong customer authentication.

PSD2 uses the same definition of “strong customer authentication” as the EBA guidelines, which is based on the traditional concept of two-factor authentication.  But PSD2 goes a step further for “electronic remote payment transactions”, which includes all transactions over the Internet. For such transactions, Payment Service Providers must apply strong customer authentication that includes “elements which dynamically link the transaction to a specific amount and a specific payee”.

Although strong payment authentication is already common practice in online banking services in many European countries, it may present a significant step for e-commerce services and may impact the check-out processes of e-commerce merchants. Hence e-commerce merchants will need to find secure but also convenient authentication mechanisms.

 

Subscribe to Our Blog

I would like to receive communications from OneSpan and consent to the processing of my personal data. I understand I may unsubscribe at any time.

To view how we process and manage your personal information, please visit our Privacy Policy