AWS re:Invent 2021 | Speak with our cloud experts and thought leaders at the event Schedule a meeting
PSD2 is the Revised Payment Services Directive (PSD2), sometimes referred to as the Second Payments Services Directive. This is a European Union directive that regulates payment services and payment service providers and is administered by the European Commission. The European parliament passed PSD2 regulations in 2015 and gave a deadline of September 2019 for financial institutions to ensure that they can comply with PSD2. PSD2 regulates the banking industry with the goal of integrating European payments markets, making payments safer and more secure, enhancing competition and innovation, while making sure to prioritize the protection of consumers.
One of the strongest regulatory standards as part of PSD2 is that of strong customer authentication (SCA) for the payments industry. The SCA requirement states that in order to initiate payments online, users must use multi-factor authentication (MFA). MFA requires two or more pieces of evidence for authentication, which can include knowledge, possession, or inherence. There are specific applications that can be used to provide proof as part of MFA. For physical card transactions, a chip and PIN authentication can suffice. While the deadline for PSD2 was September 2019, the European Banking Authority (EBA) pushed the deadline back to December 2020 in regards to the SCA requirement for the payment market.
PSD2 also requires that financial institutes share access to customer data with authorized third-party financial services using application programming interfaces (APIs). By giving third-parties access to their data, customers can gain better control of, and insight into, their financial situation. For example, they can consolidate all information for their bank accounts, credit card accounts, and even mortgages in one centralized location.
PSD2 is the regulation that allows for open banking. Open banking also utilizes APIs for third-party applications. While PSD2 is required throughout the European Union, open banking is quickly spreading throughout the globe. As more customers request this level of control of their data, more banks and financial institutes are implementing open banking procedures.
While PSD2 is a requirement, it can allow for new opportunities for even those financial institutions outside of the European Union. For example, PSD2 and open banking can help by: