PSD2

Back to top

PSD2, the electronic payment revolution

The developer portal is for registering third parties that use our PSD2 API services. Here you will find all documentation, FAQs, details and statistics.

This new EU directive is broadening the horizons of online payment and banking services and will make life easier for millions of consumers.

More versatile, convenient and secure digital payments. The new PSD2 regulation issued by the European Union, which took effect in Italy on 13 January 2018, is revolutionising the digital economy world and consequently the habits of millions of European consumers. Let’s take a closer look.

PSD2 is the acronym for Payment Services Directive 2. With this legislation, which is a significant step forward from its predecessor PSD, the European Parliament intended to create an even more integrated payment system, supporting technological innovation and increasing the security level of digital payments.

One of the main aims of PSD2 is to increase transparency for the sector’s service providers and users, standardising the rights and obligations connected with individual payment services. The other aim is to increase competition between old and new players in national payment markets, while ensuring a level playing field.

In practice, PSD2 requires banks to "open the doors" to let regulator-approved third parties view customer accounts and data, subject to customer authorisation, using technological solutions such as banking APIs to interface with each other.

This new regulation paves the way for Open Banking by allowing new Third-Party Payment Services Providers (or TPPs) to enter the payment ecosystem, offering new services and innovative user-centred products.

With Open Banking, apps and dashboards will be available that will allow users to manage different current accounts in a single, easy-to-use interface. PSD2 introduces another important innovation: the use of telephone credit (prepaid or included on your bill) for payment transactions in addition to those already available (digital content, donations or electronic tickets).

When it comes to security and authentication, PSD2 introduces the concept of 'Strong Customer Authentication' (SCA) to identify and authenticate the customer with two recognition components (for example a numeric pin and a biometric component) obliging the payment service provider to apply it when the payer accesses his payment account online or has an electronic payment transaction. The technical regulatory standards for these security systems, drawn up by the European Banking Authority (EBA), were issued by the European Commission and took effect on 14 September 2019.

Finally, PSD2 deals with online scams and careless digital payments by offering greater protection to consumers.

Customers will be charged a maximum of €50 for any unauthorized payment, compared to €150 in the previous PSD.

This consumer protection is combined with rules in EU regulation 2015/751, which says e-commerce surcharges cannot be applied for consumer debit and prepaid transactions (excluding cards issued for business or public administration purposes).

PSD2 is still in the initial stages, but the system has the potential to change the way we make payments and more generally benefit the banking sector.

 

The PSD2 glossary

Key words for understanding the new digital payment revolution

A European Union directive that took effect in Italy on 13 January 2018, to support the creation of a single market for digital payment services.

The new paradigm that allows a bank customer to consent to share his or her bank account data with different non-bank actors in the payment ecosystem.

Open Banking

An acronym for Application Programming Interfaces, which is a set of formalised commands that enable software applications to communicate with each other in a uniform way and to take advantage of basic services to create additional and innovative services.

Advanced technologies that allow new providers to enter the financial services market, with services based on new business models, ranging from payments to financial advice to retail banking to investments.

An acronym for Google, Apple, Facebook and Amazon, or the four giants of the web.

An acronym for Over The Top, or companies, like GAFA, that provide services over the Internet, without the need to build their own infrastructure like media or traditional companies. This enables them to save on costs.

An acronym for Third Party Provider, or a third party, different from the bank where a customer holds his or her account. The customer can authorise the TTP to access their current account information, provided the TTP has the necessary licences and the customer’s explicit consent.

An acronym for Payment Initiation Service Provider, or non-bank provider of services for arranging a payment order at the request of the customer.

An acronym for Account Information Service Provider, or provider of payment account information services that lets holders of an account accessible online aggregate the information of their accounts in a single tool, through an integrated dashboard.

Issuers of card-based payment tools, other than bank with which the holder has a relationship, that is authorised to carry out instructions on the account, such as the verification of the availability of funds for the requested transactions.

PSD2: how to navigate between the advantages and risks

With PSD2, the new EU regulations for Open Banking, a customer’s bank account data can be made available to third parties.

This is a turning point for the entire banking and payments system, and it requires end users to have a better understanding of the advantages and challenges of this system. PSD2 took effect on 13 January 2018 in Italy, and since then every account holder can give his or her consent to provide their bank account data digitally to third parties.

That means the data security aspect is key. One of the main objectives of the PSD2 directive is to encourage standardisation and protection for digital payment execution methods, to make transactions more secure, reinforcing consumer protection. However, several steps will need to be taken on the technological front.

Standardised API (Applied Programming Interface) platforms that enable secure access to bank account data must become widespread, in order to resolve security, digital identity, privacy, authentication and identification issues in a clear way.

In summary, the PSD2 revolution will play out across the security, technological innovation and financial education fronts. For consumers and savers, it will be a matter of developing new skills to avoid making hasty choices. For example, they will need to learn to recognise the most technologically advanced and above all reliable parties, and to navigate between increasingly “tailor-made” proposals that are built on the needs of the individual. On balance, it’s a challenge that clearly offers more advantages than disadvantages.

Spinning wheel animation

Loading

UniCredit Logo

Want to use all of our website features?

K tomu od vás potřebujeme souhlas s využitím Cookie Policy. Díky analytickým a marketingovým cookies budeme lépe rozumět tomu, co na webu hledáte a jak vám informace a reklamu ušít ještě více na míru. Nastavit si využití všech cookies můžete níže, nebo kdykoliv později jednoduše přes odkaz v patičce webu.
Cookie Settings