Find the answers to all frequently asked questions on SlimPay’s PSD2 FAQ.
1. What is PSD2?
PSD2 is also known as Payment Services Directive 2. PSD2 will take effect September 14, 2019. This European directive aims to reinforce the security of online payments for consumers. It also encourages Open Banking as all banks will have to give access to their accounts through APIs for regulated Third Party Players (TPP).
2. What are the major changes affecting the European landscape?
PSD2 introduces new roles to the European payment landscape that can be held by TPPs or the banks themselves:
- The PISP (Payment Initiation Service Provider) initiates a payment via SEPA Credit Transfer (SCT) on behalf of the consumer to the merchant account who has to be paid, providing the customer has given their consent.
- The AISP (Account Information Service Provider) accesses consumers’ account information for many purposes such as aggregation of information or identity checks.
3. What is Strong Customer Authentication (SCA)?
SCA aims to increase payment security and protect sensitive payment data of European consumers. SCA — which will also take effect September 14, 2019 — will become mandatory for both individuals and professionals when they consult an online banking portal, create a new beneficiary or pay online.
4. Are there cases where SCA is exempt?
SCA does not apply for Merchant Initiated Transactions (MIT), and that is why SEPA Direct Debit is out of scope.
SCA is then only applicable for Customer Initiated Transactions (CIT), but there are some exemptions:
- Small amounts;
- Recurring transactions of the same amount for the same beneficiary;
- Payment to a trusted beneficiary;
- A transfer to yourself; and
- When your payment provider has a low fraud risk rate following the Transactional Risk Analysis (TRA).
5. As an e-merchant offering subscriptions, how am I impacted by PSD2 …
- if I offer SDD payments?
There is no impact.
- if I offer card payments?
There will be an impact on your card payments as you will have to make sure that your payment service provider is able to support Strong Customer Authentication. You also need to understand how these new authentication rules (SCA) will impact your customer journey and the potential impact on your activity related to subscriptions.
6. What is 3DS 2.0?
3D Secure is a protocol for securing card payment. It will be upgraded to a new version to comply with SCA requirements. This new protocol will still be ensuring the security of card payments while improving the customer experience.
7. Is SlimPay ready for PSD2 compliance?
SlimPay’s payments services on SDD are not impacted as they are out of the SCA scope. Regarding card payments, SlimPay is offering 3DS 1.0, which will remain compliant with PSD2 until June 2022 in France. In the meantime, SlimPay is working on implementing 3DS 2.x.