There is a silent revolution happening in the world of online payments and its name is Payment Service Directive (PSD2). The European Union passed it in 2016 and came in effect in the middle of September 2019. Its aim is to help both merchants, e-commerce businesses, and their customers make payments safer, faster, and forget about fraud.

How does that happen and how it affects your business?

PSD2 forces European financial institutions to innovate for the convenience of your customers.

Safety Pays

The first step for PSD2 to achieve its goals is breaking the banks’ monopoly on their customer’s data. This enables bank customers, both business and consumer, to give third-party providers permission to retrieve their account data from their banks. The third-party providers may then, for example, initiate payments for the users directly from their bank accounts. Before, you needed PayPal, Visa, or Mastercard with the added layer of 3DS security or Verified by Visa and password checks before processing your payments.

Direct connections between retailers and customer’s bank accounts are made possible with the use of API or Application Programming Interface. It offers a set of rules and parameters that can change an existing framework or software to tailor it to specific needs without changing the overall source code. An open API enables the use of congregate data that can be targeted to individual customers and retailers without compromising security.

The questions of security of the payments was paramount for EU legislator – that is why the standards of encryption have been raised and companies will have to verify a customer’s identity by two of the three following elements: something the customer possesses – i.e. the credit card, mobile device or smart card; something only the user knows, such as a password or PIN; and something that the user is, which means biometrics such as a fingerprint or facial scan. It forces European financial institutions to innovate for the convenience of your customers.

There are also exceptions to those rules under PSD2. For example, recurring payments or those under €30 will fall outside the scope of the regulations. The former will be authenticated when the customer signs up for the service. However, getting exemptions is not a straightforward process, and neither are exemptions guaranteed – it would take time and experience to navigate and map the new realities of the online payments.

Taking Responsibility

Businesses have to be ready for the new legal and technical framework to get ahead of the game and utilize the PSD2 to the fullest extent. The best way to prepare and address the new reality of PSD2 is to learn all about it. The next step should be to consult with your trusted payment and software development partners. It takes experienced professionals to navigate the changing landscape of e-commerce and international finance and going for anything less is too risky to afford.