What is the 2nd Payment Services Directive (PSD2)?

PSD2 stands for the second Payment Services Directive and is a European regulation for electronic payment services and payment service providers throughout the European Union. 

PSD2 is designed to boost innovation and help banks adapt to new technological developments. It focuses on improving consumer rights, aligning payment services, enhancing security through strong authentication systems and enabling third-party providers, such as budgeting apps and online merchants, to access financial data and offer customers new ways to make transactions and manage finances.

Why was PSD2 introduced?

PSD2 was introduced in 2018 to facilitate an integrated and seamless payment experience across EU member states. PSD2 also introduced Strong Customer Authentication (SCA) to enhance secure payments and reduce fraud.

The original PSD2 implementation deadline was 14th September 2019, but this was extended to 14th March 2022 in recognition of the challenges faced by businesses at that time.

Under the PSD2 directive, banks and other financial institutions throughout the EU are able to utilise application programming interfaces (APIs) for licenced and approved third-party service providers. An API is simply software that allows different systems to talk to each other, allowing a financial institution’s system to quickly and securely connect to a third-party provider’s system and share financial data.

Once a third-party service provider is approved under PSD2 and can comply with its regulations, it can offer a range of financial services that require access to banking information.

This image shows how PSD2 works:

PSD2 has three main objectives, which are the following: 

➝ Better protection for consumers paying online 

➝ Promoting innovative approaches to online financial services 

➝ Enabling faster payment services throughout the EU

What are PSD2 requirements?

PSD2 has three security factors and requires payment services and financial institutions to use them to facilitate payments. This is known as ‘multi-factor authentication’. 

The required factors are as follows: 

• Something the cardholder knows, such as a password or pin
• Something the cardholder has, such as a token or mobile phone
• Something the cardholder is, such as a fingerprint or voicematch

PSD2 provides the framework through which financial service providers can offer you services, including convenient ways to make online payments, without being redirected to another payment service, such as PayPal. 

If you have more than one bank account, you can allow third parties, such as budgeting apps, to hold and display all your account information in one place.

This illustration shows how PSD2 is changing the way consumers will make transactions:

Financial institutions that supply your data and third-party financial service providers must comply with all PSD2 regulations and legislation. This includes having a robust API infrastructure and supporting customer security with strong customer authentication. Banks must also provide customer data in real-time where required.

Yes, PSD2 is a major piece of legislation that affects the UK and the EU, and is as essential as other regulatory and strategic initiatives.

Does PSD2 apply to the UK after Brexit?

PSD2 sets out a common legal framework for businesses and consumers when making and receiving payments within the European Economic Area (EEA), making EU membership irrelevant. Other countries affected by the PSD2 include Iceland, Norway and Liechtenstein. 

Compliance with PSD2 is necessary for the UK to interact with broader European payment services and finance, causing potential damage to the UK economy and innovation if we don’t comply.

The implementation of PSD2 is important because of the benefits it could bring to your online financial transactions and experiences. Not only could PSD2 make it easier and quicker for consumers to pay online merchants, but transactions could also be more secure.

Transactions through open banking should be protected against cyber fraud by sophisticated authentication methods. PSD2 requires two-factor authentication, which reduces risk and improves online financial safety.

Additionally, PSD2 facilitates openness to financial data, which is necessary for enabling innovations in the financial services industry. It will lead to enhanced competition, which in turn will provide consumers with more and better financial choices.

PSD2 affects all member countries of the EU as well as those within the European Economic Area and anyone wishing to engage in the European payments market. 

What countries does PSD2 apply to?

The complete list of countries currently covered by the PSD2 is as follows:

• Austria
• Belgium
• Bulgaria
• Czech Republic
• Cyprus
• Denmark
• Estonia
• Finland

• France
• Germany
• Greece
• Hungary
• Iceland
• Ireland
• Italy
• Latvia

• Liechtenstein
• Lithuania
• Luxembourg
• Malta
• Netherlands
• Norway
• Poland
• Portugal

• Romania
• Slovakia
• Slovenia
• Spain
• Sweden
• United Kingdom

Open banking allows banks and third-party financial service providers secure access to your bank and other financial data. Open banking is regulated by PSD2, which means that banks can share your financial data, such as regular payments and statements, with authorised service providers, as long as you permit them to.

Open banking is a service, while PSD2 is one of the regulations that govern how that service works. Effectively, PSD2 is the law that requires banks to provide data to third parties (as long as you have permitted them to), and open banking provides a standard format in which to provide your data.

If you want to get a feel for open banking, register for a Raisin UK Account. While you won’t receive a complete open banking experience, you can apply for savings accounts from a range of banks in one place.

All you need to do is register for a free Raisin UK Account online, click to apply for a savings account and transfer your deposit to your Raisin UK Account. There’s no need to fill out a new application each time you apply, and your money is deposit protected from the moment it arrives in your Raisin UK Account to when it automatically transfers to and from a partner bank.