Come 14 September 2019, and banks in the European Union must be ready to implement PSD2. What exactly is PSD2? It refers to the revised Payment Services Directive that was introduced in January 2016. It mandates EU banks to open their application programming interfaces (APIs) to third parties so they can access the customers’ accounts and payment services securely in order to offer innovative services and products.
New business opportunities with PSD2
Although the directive focuses on banks in the EU, PSD2 is believed to disrupt the global eCommerce landscape as it will lead to innovative banking—also called open banking—with multiple players collaborating in the eCommerce and payments space. With the implementation of PSD2, FinTechs, merchants, processors, and other global third party payment service providers will be able to offer innovative products and services in ways never seen or envisaged before.
PSD2 will open up new business opportunities and revenue streams while enabling players to reach out to a wider set of customers. FinTechs are already gearing up for the sweeping changes that PSD2 will bring in by filling in the gaps that traditional financial institutions are leaving behind—peer-to-peer payments, crowd-sourced loans, instant insurance policies and so forth. The biggest benefit for these third-party payment service providers is that they can piggy-back on the existing infrastructure of the banks without experiencing the burden of infrastructural investments and regulatory compliance.
Customers will benefit
As players compete for market share, customers will benefit from improved services, more product options to choose from, and greater control over their online financial lives. Additionally, in order to ensure a secure banking experience for customers, PSD2 mandates strong consumer authentication (SCA) for account access and payment authorization. As soon as a customer initiates a transaction, she will receive a transaction-specific OTP (one-time-password) which is locked specifically for the beneficiary. This is with a view to secure the authentication without allowing cybercriminals to lay their hands on the OTPs for online fraud.
Request for extension
Although the implementation date for the PSD2 has almost arrived, it is evident that implementation-readiness is still far from complete. There are technical changes—especially for card payments—that still need to be completed as the payments systems are quite complex. As a result, payment service providers are requesting regulators for additional time to set up and adhere to migration plans.
The response from the regulators is awaited and we shall keep you posted on the developments.
The article has been written by Neetu Katyal, Content and Marketing Consultant
She can be reached on LinkedIn.