The Directive on Payment Services (PSD) was adopted in 2007 with the objective of increasing the speed, efficiency and ease-of-use of European payment services. The revised directive, PSD2, addresses issues relating to third party providers within the payments industry, and aims to spur innovation. PSD2 will create a level playing field for all players within the payments market through providing a legislative framework for new entrants, while continuing to ensure an adequate level of security for the proper functioning of payment systems.
Directive on payment services: Spurring innovation
New offers and services are constantly emerging within the payment ecosystem. The reviewed directive will particularly address the introduction and regulation of third party providers centred around accessing banking information, namely:
- Account Information Service Providers (AISP), which enable owners of numerous bank accounts to view all of their multibank details on one interface
- Payment Initiation Services Providers (PISP), which initiate a payment from the user account to the merchant account
It is important to note that the service providers will not have full access to the user account. PISPs will require strong authentication from the user before executing each payment and AISPs will need explicit consent from the user.
But what about security?
The arrival of these innovate services raises issues regarding payment security and data protection, as well as consumer trust and fraud prevention. PSD2 is responsible for supervising and regulating these services that change the “traditional” flow of payments.
All payment service providers (third party providers, banks, payment institutions) will be required to meet certain security measures to ensure safe and secure payments. A yearly assessment of the operational and security risks at stake will be conducted by the PSP.
The directive will also prohibit surcharges on card based transactions, as well as improve consumer protection for payments made outside of the EU or in non-EU currencies.
Analysing risk versus strong identification
SlimPay’s payment platform includes a high-end risk and fraud management tool. This feature enables merchants to mitigate fraud and allows for risk dynamic checkouts. The tool assesses the customer by utilising four different data sources and up to 38 data points. After assessing a risk score in real-time, the customer is funnelled through a dynamic checkout process, which corresponds to the level of risk associated with their profile. Depending on pre-defined risk levels, the customer is either prompted to authenticate through a simple checkbox or is asked to complete our secure eMandate checkout with 2-Factor Authentication. If the risk score is above a certain level, the transaction is blocked. This will enable companies to create a frictionless customer journey.
PSD2’s impact on the payment ecosystem
PSD2 will have a considerable impact on the European payment ecosystem. However, the new directive on payment services will take time to be implemented. Banks may see a risk of disintermediation if third parties impose themselves in the validation chain of their clients. However, they could also see this as an opportunity to design innovate payment offerings and expand their service portfolio.
Players from the finance and FinTech sectors have seized topic such as “instant payments” and blockchain, and are experimenting with new possibilities. These major innovations in the scheme of current payment flows will dramatically change the landscape, speed up payments and make way for a new ultra- connected means of payment. PSD2 will further encourage this potentially revolutionary movement. Watch this space…