PSD2: What does it mean for you?

Since PSD2 entered into force in January 2016, there have been countless discussions on the changes it requires and the impact it might have on businesses all over Europe. Payment processing experts, banking professionals and financial consultants have all voiced their assumptions, enthusiasm and concerns regarding the revised Payment Service Directive.

Even so, at this moment, only 3 months away from the deadline, the requirements seem quite daunting for some. There are still a lot of TPPs, banks or Fintech start-ups that continue to struggle to understand what PSD2 means for their business.

What does PSD2 bring new to the table?

The scope of the directive is to harmonize the payment ecosystem and allow more players to get into the financial space by encouraging innovation, competition and collaboration. At first glance, the customers are the main beneficiaries, as they will enjoy the greatest added value, gaining access to new value propositions, services and solutions from new entrants, from banks and Fintech start-ups.

In terms of changes, the most important ones are Access-to-Account (XS2A) as well as the introduction and regulation of third-party payment service providers (TPPs).

Let’s say you're making a new purchase from your favorite website. In the context of PSD2, the merchant will be able to securely access the consumer’s bank account and collect their payment after asking for permission. Basically, the merchant will act as a Payment Initiation Services Providers (PISP) and initiate the payment while the consumer’s bank, also known as Account Servicing Payment Service Provider (ASPSP), will manage the account. Long story short, the payment process will be faster and simpler as card schemes and other intermediaries will be removed.

The merchant and the bank will most likely communicate to each other using an API. In order to make sure all APIs will comply with the regulation (what data is transferred, what are the security protocols, what happens if things do not work as expected, etc.), the European Banking Authority has defined the Regulatory Technical Standards (RTS).

PSD2 also introduces the concept of Account Information Service Providers (AISP). AISPs will allow consumers to consolidate their bank account details from several different banks into an account aggregator.  This represents a great window for new providers as they will be able to also gather relevant data about users and turn that into cross-selling opportunities.

It seemed more than that...

Well, it is. PSD2 also means:

• Stronger customer authentication
• Unconditional right of refund for direct debits under the SEPA CORE scheme
• Ban on surcharges for card payments
• Enhanced customer protection for payments made outside of the EU or in non-EU currencies

You are a merchant - what does PSD2 mean for you?

Merchants can act as PISPs and eliminate the need for a payment processor as they will be able to take the money directly from their customers’ accounts. This will result in instant payment confirmation, significantly reduced costs and less complex checkouts.

However, nothing ever comes easy. Should merchants want to become PISPs, they will definitely need to comply with the directive’s Regulatory Technical Standards and provide strong customer authentication and secure communications.

At this point, it still remains to be seen if merchants are open to this opportunity or believe that these requirements will only mean more work, higher costs and no added value.

What if you're a bank – is PSD2 a friend or a foe?

Over the past couple of months there has been a lot of debate on whether PSD2 is indeed an opportunity for banks or a major threat. Regardless of the answer, it was clear from the beginning that if they wanted to remain relevant, something needed to be done. Assuming, of course, that banks really wanted to do more than comply as ASPSPs.

• Change their IT infrastructure – traditional banking is no recipe for success, customers expect faster and more interactive banking platforms. Furthermore, in the PSD2 context, banks need to open their APIs to be able to interact with applications developed by the TPPs (PISP and AISP);
• Become a TPP by offering AISP services – this means their customers can login to their bank account and be able to see information from all of their other accounts. As studies show that banks are perceived as being more secure and trustworthy, customers are more likely to choose them rather than a Fintech start-up to be their account aggregator;
• Become a TPP by offering PISP services - banks can expand their transaction banking offerings by actively disrupting the existing online payment options as well as providing cost effective and faster API-based P2P payment solutions;

It is clear that PSD2 will be a game-changer in the European financial and payments space and it will allow numerous new players to enter the market. Yet, we'll need to wait until January 2018 to see whether or not all parties involved had been able to take advantage of the changes and will increase their payment revenues.