What is PSD2?

The Payment Services Directive (PSD2) is a European Union directive that was voted into law on December 15, 2015, and came into effect in January 2018. It provides a framework of rules and regulations for the provision of payment services across the EU. The framework aims to increase competition and innovation in European banking services - requiring financial institutions to allow third parties accessing consumer banking data via APIs, if account holders give their consent.

Which countries does it involve?

The PSD2 applies directly to consumers and companies in all of the countries in the European Union. The regulations are focused on EU banks and financial institutions, but companies based outside the EU may be subject if they have any customers or users that live within EU jurisdiction. For example, if your company intends to do business in Europe, you must make sure that your global business units are compliant.

What are the PSD2 requirements?

With the PSD2 regulation, companies first and foremost need to think about the security of the user. They should be required to ensure that their users can access their accounts securely. Other requirements are specified hereafter:.

Open APIs for third party access

Businesses must provide APIs for account information service providers (ASIPs) that allow access to customer information when it has been granted by the consumer.

Improved customer transparency

Businesses need to be more transparent. They must simplify the language of their terms and conditions to be more customer-friendly. They also need to provide more transparency in currency conversion rates.

MFA security authentication

Another requirement is that all digital banking providers and payment processors must implement multi-factor - or at least two-factor - authentication. For example, a PIN number, biometrics, and text message verification all serve as multi-factor authentication.

Complaint resolution in a timely manner

The PSD2 requirements specify that complaints should be resolved in a timely manner, how incidents should be reported to law enforcement, and provide guidelines for customers and payment providers themselves.

Surcharge ban (in certain cases)

Under PSD2, merchants are prohibited from charging customers additional fees for paying by debit or credit card. This includes situations such as buying a ticket, ordering food or drinks, or getting something delivered. The ban applies to B2C and B2B settings.