What is the PSD2 Directive?

As part of an ongoing evolution of the European Union, the EU adopted the Payment Service Providers Directive (PSD) in 2007. The PSD2 is the next iteration of that directive. The PSD2 addresses the consumer and institutional aspects of the European payment providers industry to improve customer security and flexibility while encouraging innovation, effective digital transformation, and competition. You may have numerous questions pop into your head: what is PSD2 regulation, what does PSD2 mean for the banking industry? What is PSD2 directive? and what is PSD2 in simple terms? Let’s discuss this revised payment services directive.

Introduction – Let’s explain the PSD2 meaning

The PSD2 applies to consumers of European Union member countries. Therefore, EU citizens should expect to benefit from this directive's improved security and flexibility. Payment organizations that conduct business with European Union citizens must comply with the directive, so European subsidiaries of multinational companies and other such entities may be affected. These payment organizations include banks, financial institutions, and other payment initiation service providers. After several deadline revisions, the European Banking Authority set the PSD2 compliance deadline for December 31, 2020, and organizations now need to comply with the directive.

In summary, this change to European Union payment services regulations helps improve the payments market processes and adheres to strict security requirements - giving peace of mind to consumers.

Consumer Benefits

There are many ways that consumers benefit from PSD2, including improved security, improved transparency and flexibility (alternative payment methods), and a more predictable complaint resolution process.

Multi-factor strong customer authentication

As consumers continue to enjoy the benefits of electronic payments and online payments automation, consumer security is increasingly important. PSD2 requires that payment service providers provide strong customer authentication frameworks for most consumer transactions. Two or three authentication factors are now mainstream advanced security controls to ensure that the party at the other end of the transaction is who they say they are. Therefore, the consumer needs to provide their password as part of the login/authentication process, and they must meet additional authentication requirements and provide additional information that only they should know. This is often accomplished by text messages delivered to the consumer's registered cell phone.

Consumer Convenience

In addition to standardizing baseline security protocols and strong customer authentication for payment transactions, PSD2 also standardizes how payment service organizations interact. New protocols have been put in place for online transactions, making it easier for such organizations to exchange approved consumer data. It will be much easier for consumers who deal with multiple banks & financial institutions or use third-party service providers to set up and grant access to their accounts. This opens a market for institution-independent management of your accounts.

What is a PSD2 complaint? PSD2 compliant organizations must put in place consumer complaint processes to provide timely resolution and report the complaints.

Payment Service Provider Impacts

The Payment Services Directive 2 encourages innovation and competition in the payment service industry. To comply with PSD2, banks and traditional payment service providers needed to modernize their payment systems and provide alternate payment methods, including credit cards. New application programmatic interfaces (APIs) are a cornerstone for PSD2 compliance. These APIs provide a standard mechanism for information exchange and payment process transactions between computer systems.

Open Bank API

Germany suggested the idea of an open interface of data exchange in banks in 2010. The "Open bank project" is an initiative supported by the largest banks in Germany, which provides a mutual exchange of data through new banking standards, benefiting bank account holders. This successful initiative gave opportunities to create exciting non-bank financial projects. Subsequently, the idea began to take hold in the UK - they also began to create open bank APIs.

The PSD2 directive, which regulates the bank's access to the client's database and software interfaces for exchanging consumer’s financial data with third parties, builds on those open bank initiatives and improves general data protection regulation. When the directive came into force in December 2020, bank accounts and payment service providers needed to comply with the PSD2. What is PSD2 compliance? The core of the PSD2 is the open banking APIs. To comply with the PSD2, digital payment companies' computer systems need to implement the API standards for access. To support integrating their computer system, the banks need to provide developers access to a test environment so that they can ensure that their transactions, such as corporate payments, international payments markets, and the mobile payments industry, are correctly processed. Once integration testing is completed, the next stage is granting full access to the production environment. By creating a more level playing field, banks are being forced to interact more freely with new FinTech companies, enabling the PSD2 goal of increasing competitiveness in the payment service sector.

There are similar initiatives worldwide; if it is not on the government level, then on the level of private business initiatives. For example, despite the absence of such an initiative from the government, there is a MINT aggregator in the USA. There are also initiatives in Singapore, India, and Russia for creating such open platforms.

As an associate member of the European Union, Ukraine also accepted the PSD2 directive in 2019. As a result, a wave of new Ukrainian start-ups has begun, including new services for online banking and providing payment services gateways.

Open Bank API Opportunities

The establishment of a widely accessible open bank API creates many opportunities for new services and types of third-party providers.

European Union Consumers with multiple accounts in different financial services organizations would benefit from consolidation/aggregation applications. Preferably, the client will have third-party access to payment instruments of all banks from one application, and the client becomes just a user of the financial application from which they manage payment accounts from several payment institutions or electronic money institutions.

The planned increase of competitive activity between banks and financial start-ups will increase the competition for users' attention/loyalty to their applications. There will likely be an interesting situation where banks will build loyalty programs with unique services in their applications, and non-bank start-ups will use offers from various other banks and partner programs.

Previous innovations for third-party services will automatically result in a situation where financial services will be sold as a prepaid mobile phone provider package, quickly and in a single click. For example, you will have an opportunity to deposit in any bank by purchasing a prepaid deposit card for a certain amount.

It is impossible to predict all the consequences or evolution of Fintech; we can only confirm that the culture of consumption of financial services will be significantly changed and modernized.

How can Codein.Software help?

PSD2 set about to modernize the payment services industry. Codein.Software is a software development company. We specialize in using modern technologies and development practices to solve business problems. While the established banks may have viewed PSD2 as a disruptive force, we see it as an enabler that reduces the barrier of entry to the payment industry that will lead to innovative payment services.

Fintech is one of our areas of expertise. In our 13+ years of experience working with banks and their systems, we've implemented digital banking systems at several banks. We have participated in developing several non-bank payment systems and integrated bank APIs. We have also worked on PCI DSS implementation and compliance initiatives. Our depth and breadth of experience give us the right to identify ourselves as professionals in this area.

At Codein.Software we take pride in building the right team to meet our clients' development needs. We bring together project management, application architecture and design, back-end and front-end development, and testing professionals into a cohesive team. This team then works with subject area experts so that business knowledge from previous projects is brought forward to the current project. Our many successful client engagements confirm our professional approach and ability to develop quality systems. See our rating on the Clutch.

Suppose you are interested in participating in one of the many opportunities the PSD2 open banking API has created. In that case, we could be a perfect fit to help you capitalize on that opportunity. Let's start our cooperation with a free consultation, where we can help you choose the right technology, architecture, and stages of system development and implementation. This will help you save a good part of the budget, and you can spend this money on further implementing additional functionality or marketing.