What is PSD2?

PSD2 is the second Payments Services Directive from the European Union. It is designed to bring Europe’s single financial market into the digital age and will revolutionize the payments industry. Under PSD2, the way in which people pay, share bank account details and view account information will all change. PSD2 aims to breakdown the monopoly of banks on customer data and allow third parties access to improve the delivery of financial services.

PSD2 is the result of the impact of FinTech on the financial services industry. Consumers are growing increasingly accustomed to looking beyond high street banks for financial services. For instance, many now choose to use online budgeting tools to improve their spending habits, rather than seeing an advisor at the bank. Similarly, the growth of app-only banks such as Monzo are true testament to the acceptance of alternative financial services providers in everyday life.

To access the full benefits of these providers, consumers often have to handover their bank account details. At the best of times, this can be a risk, however it is even more so when there is not an international legal framework in place to protect consumers if something was to go wrong. PSD2 provides this regulation to help protect consumers.

To start with, PSD2 forces banks to allow these alternative providers access to a consumer’s account (with the customer’s permission). This stops unnecessary fraud alerts and bank account freezing when a consumer hands over details to an online budgeting tool. It also means that merchants such as Amazon could complete a purchase on behalf of the consumer, rather than redirect them to another payment service such as PayPal or Visa. What is more, for customers with more than one bank account, PSD2 will consolidate all these account details in one place – in a similar vein to the service offered by Mint in the United States. This provides consumers with an overview of their bank accounts, helping to pinpoint opportunities for savings and to encourage account switching where necessary.

PSD2 is not going to change where consumers keep their savings, this will still be held by their bank. But it will enable greater access to account details by outside providers. As a result, PSD2 will also determine the level of security offered by banks. The most important change will be the introduction of two-factor authentication. In the past, banks have only required one level of ID verification to determine that it is not a fraudulent access attempt. Now, banks will require two from the consumer.

This could any combination of ‘something you are’, ‘something you own’ and ‘something you know’ – or your fingerprint/face ID, your mobile device and your PIN/password.

These security checks will be completed in real-time and to no inconvenience of the consumer. With greater access to customer account details, these security checks will be significant in fighting fraud.

The EU has set a 2018 deadline for compliance to PSD2 and so banks will be forced to put these changes into place very soon. In our digital age, this legislation will democratize banking, encourage account switching and revolutionize our relationship with the financial services industry.

For more information, check out Gemalto’s blogs on PSD2: