What is the 2nd Payment Services Directive (PSD2)?

HomeBanking › PSD2

If you’re a UK saver who uses online banking regularly and keeps up to date with the latest financial technology (fintech) and legislation developments, you may be familiar with PSD2 or have at least seen or heard “PSD2” mentioned alongside terms such as “open banking”.

If you haven’t, don’t worry. Even if you’re unaware of what PSD2 is, you may have already taken advantage of it without even realising. On this page, we explain what PSD2 legislation is, how it works, its importance and what PSD2 means for open banking.

Key takeaways
  • PSD2 meaning: PSD2 is the second Payment Services Directive and sets out some rules about electronic payment services that banks must adhere to

  • PSD2 objectives: PSD2 is designed to better protect consumers, promote innovation and facilitate faster payment services throughout the EU

  • European directive: PSD2 affects all EU member states as well as those in the European Economic Area and anyone wishing to engage in the European payments market

What is PSD2?

PSD2 stands for the second Payment Services Directive and is a European regulation for electronic payment services and payment service providers throughout the European Union. 

PSD2 is designed to boost innovation and help banks adapt to new technological developments. It focuses on improving consumer rights, aligning payment services, enhancing security through strong authentication systems and enabling third-party providers, such as budgeting apps and online merchants, to access financial data and offer customers new ways to make transactions and manage finances.

Why was PSD2 introduced?

PSD2 was introduced in 2018 to facilitate an integrated and seamless payment experience across EU member states. PSD2 also introduced Strong Customer Authentication (SCA) to enhance secure payments and reduce fraud.

The original PSD2 implementation deadline was 14th September 2019, but this was extended to 14th March 2022 in recognition of the challenges faced by businesses at that time.

How PSD2 works

Under the PSD2 directive, banks and other financial institutions throughout the EU are able to utilise application programming interfaces (APIs) for licenced and approved third-party service providers. An API is simply software that allows different systems to talk to each other, allowing a financial institution’s system to quickly and securely connect to a third-party provider’s system and share financial data.

Once a third-party service provider is approved under PSD2 and can comply with its regulations, it can offer a range of financial services that require access to banking information.

This image shows how PSD2 works:


What is the purpose of PSD2?

PSD2 has three main objectives, which are the following: 

➝ Better protection for consumers paying online 

 Promoting innovative approaches to online financial services 

 Enabling faster payment services throughout the EU

What are PSD2 requirements?

PSD2 has three security factors and requires payment services and financial institutions to use them to facilitate payments. This is known as ‘multi-factor authentication’. 

The required factors are as follows: 

  • Something the cardholder knows, such as a password or pin
  • Something the cardholder has, such as a token or mobile phone
  • Something the cardholder is, such as a fingerprint or voicematch

What does PSD2 mean for me?

PSD2 provides the framework through which financial service providers can offer you services, including convenient ways to make online payments, without being redirected to another payment service, such as PayPal. 

If you have more than one bank account, you can allow third parties, such as budgeting apps, to hold and display all your account information in one place.

This illustration shows how PSD2 is changing the way consumers will make transactions:


PSD2 also requires enhanced identity checks, especially for higher value transactions, so your financial data is still secure.

What is PSD2 compliance?

Financial institutions that supply your data and third-party financial service providers must comply with all PSD2 regulations and legislation. This includes having a robust API infrastructure and supporting customer security with strong customer authentication. Banks must also provide customer data in real-time where required.

Is PSD2 a legal requirement?

Yes, PSD2 is a major piece of legislation that affects the UK and the EU, and is as essential as other regulatory and strategic initiatives.

Does PSD2 apply to the UK after Brexit?

PSD2 sets out a common legal framework for businesses and consumers when making and receiving payments within the European Economic Area (EEA), making EU membership irrelevant. Other countries affected by the PSD2 include Iceland, Norway and Liechtenstein. 

Compliance with PSD2 is necessary for the UK to interact with broader European payment services and finance, causing potential damage to the UK economy and innovation if we don’t comply.

Why PSD2 is important

The implementation of PSD2 is important because of the benefits it could bring to your online financial transactions and experiences. Not only could PSD2 make it easier and quicker for consumers to pay online merchants, but transactions could also be more secure.

Transactions through open banking should be protected against cyber fraud by sophisticated authentication methods. PSD2 requires two-factor authentication, which reduces risk and improves online financial safety.

Additionally, PSD2 facilitates openness to financial data, which is necessary for enabling innovations in the financial services industry. It will lead to enhanced competition, which in turn will provide consumers with more and better financial choices.

Who is subject to PSD2?

PSD2 affects all member countries of the EU as well as those within the European Economic Area and anyone wishing to engage in the European payments market. 

What countries does PSD2 apply to?

The complete list of countries currently covered by the PSD2 is as follows:

  • Austria
  • Belgium
  • Bulgaria
  • Czech Republic
  • Cyprus
  • Denmark
  • Estonia
  • Finland
  • France
  • Germany
  • Greece
  • Hungary
  • Iceland
  • Ireland
  • Italy
  • Latvia
  • Liechtenstein
  • Lithuania
  • Luxembourg
  • Malta
  • Netherlands
  • Norway
  • Poland
  • Portugal
  • Romania
  • Slovakia
  • Slovenia
  • Spain
  • Sweden
  • United Kingdom

What does PSD2 mean for open banking?

Open banking allows banks and third-party financial service providers secure access to your bank and other financial data. Open banking is regulated by PSD2, which means that banks can share your financial data, such as regular payments and statements, with authorised service providers, as long as you permit them to.

What’s the difference between PSD2 and open banking?

Open banking is a service, while PSD2 is one of the regulations that govern how that service works. Effectively, PSD2 is the law that requires banks to provide data to third parties (as long as you have permitted them to), and open banking provides a standard format in which to provide your data.

Get a feel for open banking

If you want to get a feel for open banking, register for a Raisin UK Account. While you won’t receive a complete open banking experience, you can apply for savings accounts from a range of banks in one place.

All you need to do is register for a free Raisin UK Account online, click to apply for a savings account and transfer your deposit to your Raisin UK Account. There’s no need to fill out a new application each time you apply, and your money is deposit protected from the moment it arrives in your Raisin UK Account to when it automatically transfers to and from a partner bank.