By redefining payment authorization, the European Union's revised Payment Services Directive (PSD2) seeks to revolutionize electronic payment services. It is a regulatory framework to open the payment ecosystem and accommodate technology’s disruption to streamline digital payments. However, one of the core aspects of PSD2 is also to close the security gaps in online transactions by mandating strong customer authentication (SCA). Thus, PSD2 is bringing about fundamental changes to the financial sector.
PSD2 enables the key market players in the financial sector to interact in new ways. Its three main goals include:
· Boosting payment security
· Uniting the European financial market, and
· Facilitating access to commercial data
The regulations outlined by this directive aim to protect consumers and their data, define refund rights, leverage faster payment turnaround, and deploy safer and more secure payment options.
The directive mandates PSD2 SCA requirements for online transactions through multi-factor authentication (MFA). The transactions must be authenticated using at least any two of the given three factors:
· Something that only the customer knows, like a password, PIN, or other data.
· Something that only the customer has, like a mobile phone.
· Something that the customer is, like a biometric.
PSD2 compliance solutions require banks and other financial institutions to give third-party payment (TPP) services providers access to consumer bank accounts, given that the account holders permit it.
What is Open Banking under PSD2?
Previously, the banks and licensed financial institutions exercised control over the possession of clients' personal data. But with the introduction of Open Banking under PSD2, this monopoly is being eliminated. The data that the banks collect needs to be shared through secured APIs and made freely available. Thus, other stakeholders can use the client's personal information, with their consent, to open up new avenues for financial services by encouraging competition and decreasing service costs for consumers.
Third-party Providers
The exposure of open APIs enables consumers to securely access their bank accounts and data via third-party providers (TPPs). The TPPs fall into three main categories:
· Account information service providers (AISPs) can access sensitive data of bank customers. AISPs analyze spending patterns to gain more business intelligence and make banking more straightforward for customers.
· Payment Initiation Service Providers, or PISPs, are the service providers that initiate transactions on behalf of consumers and organizations, which includes fewer parties (to minimize the bank's involvement). Thus, customers do not have to reveal their bank details during a payment.
· An account servicing payment service providers (ASPSP) is a payment service provider that provides and maintain a payment account for a payer. It provides the payment accounts with online access.
The key benefits of PSD2 for merchants
· PSD2 enables merchants to leverage new payment aggregators to access strategic information about consumers.
· It brings about innovation in the payment industry to adhere to the current market trends and incorporate changing technology.
· It seeks to reduce fraud rates that corrupt digital transactions.
· It aims to innovate around two-factor authentication to make the online financial transactions process smoother.
To Conclude:
Stakeholders must fulfill PSD2 compliance requirements to innovate, secure, and streamline the transaction processes.
