PSD2, the digital payment revolution
This new EU directive is broadening the horizons of online payment and banking services and will make life easier for millions of consumers.
More versatile, convenient and secure digital payments.
The new PSD2 regulation issued by the European Union, which took effect in Romania on 13th of December, 2019 with local transposition of the Law no. 209/2019, is revolutionizing the digital economy world and consequently the habits of millions of European consumers. Let's take a closer look.
PSD2 is the acronym for Payment Services Directive 2. With this legislation, which is a significant step forward from its predecessor PSD, the European Parliament intended to create an even more integrated payment system, supporting technological innovation and increasing the security level of digital payments.
One of the main aims of PSD2 is to increase transparency for the sector's service providers and users, standardizing the rights and obligations connected with individual payment services. The other aim is to increase competition between old and new players in payment markets, while ensuring a level playing field.
In practice, PSD2 requires banks to "open the doors" to let regulator-approved third parties view customer accounts and data, subject to customer authorization, using technological solutions such as banking APIs to interface with each other.
This new regulation paves the way for Open Banking by allowing new Third-Party Payment Services Providers (or TPPs) to enter the payment ecosystem, offering new services and innovative user-oriented products.
With Open Banking, apps and dashboards will be available that will allow users to manage different current accounts in a single, easy-to-use interface.
When it comes to security and authentication, PSD2 introduces the concept of 'Strong Customer Authentication' (SCA) to identify and authenticate the customer with two recognition components (for example a numeric pin and a biometric component) obliging the payment service provider to apply it when the payer accesses his payment account online or has an electronic payment transaction. The technical regulatory standards for these security systems, drawn up by the European Banking Authority (EBA), were issued by the European Commission and took effect on 14 September 2019.
Finally, PSD2 deals with online scams and careless digital payments by offering greater protection to consumers.
Customers will be charged a maximum of €30 (if the contract is signed under the Romanian laws) for any unauthorized payment, compared to €150 in the previous PSD.
PSD2 is still in the initial stages, but the system has the potential to change the way we make payments and more generally benefit the banking sector.
History of PSD2
The PDS2 glossary
The key words for understanding the new digital payment revolution
A European Union directive that took effect in Romania on 13 December 2019, to support the creation of a single market for digital payment services.
The new paradigm that allows a bank customer to consent to share his or her bank account data with different non-bank actors in the payment ecosystem.
An acronym for Application Programming Interfaces, which is a set of formalized commands that enable software applications to communicate with each other in a uniform way and to take advantage of basic services to create additional and innovative services.
An acronym for Third Party Provider, or a third party, different from the bank where a customer holds his or her account. The customer can authorize the TTP to access their current account information, provided the TTP has the necessary licenses and the customer's explicit consent.
An acronym for Payment Initiation Service Provider, or non-bank provider of services for arranging a payment order at the request of the customer.
An acronym for Account Information Service Provider, or provider of payment account information services that lets holders of an account accessible online aggregate the information of their accounts in a single tool, through an integrated dashboard.
Issuers of card-based payment tools, other than bank with which the holder has a relationship, that is authorized to carry out instructions on the account, such as the verification of the availability of funds for the requested transactions.
PSD2: How to navigate between the advantages and risks
With PSD2, the new EU regulations for Open Banking, a customer's bank account data can be made available to third parties, with specific consent from the customer.
This is a turning point for the entire banking and payments system, and it requires end users to have a better understanding of the advantages and challenges of this system. PSD2 took effect on 13th of December 2019 in Romania, and since then every account holder can give his or her consent to provide their bank account data digitally to third parties.
That means the data security aspect is key. One of the main objectives of the PSD2 directive is to encourage standardization and protection for digital payment execution methods, to make transactions more secure, reinforcing consumer protection. However, several steps will need to be taken on the technological front.
Standardized API (Applied Programming Interface) platforms that enable secure access to bank account data must become widespread, in order to resolve security, digital identity, privacy, authentication and identification issues in a clear way.
In summary, the PSD2 revolution will play out across the security, technological innovation and financial education fronts. For consumers and savers, it will be a matter of developing new skills to avoid making hasty choices. For example, they will need to learn to recognize the most technologically advanced and above all reliable parties, and to navigate between increasingly "tailor-made" proposals that are built on the needs of the individual. On balance, it's a challenge that clearly offers more advantages than disadvantages.
