How PSD2 Will Affect Your Digital Business And Your Payment Systems?
Aug 285 min read
Co-founder at Ideamotive. Technological advisor and software consultant.
On September 14th, the EU’s PSD2 directive will come into effect. It’s important to make sure you understand what changes to make to your payment processing, so you can continue to conduct business seamlessly.
PSD2 (Payment Service Directive) is a new mandate being implemented by the EU to help stimulate online payment services. This directive will loosen the hold that banks currently hold over customer’s account information and payment services.
The changes that will take place can mean the difference between your users’ transactions being accepted or declined, so now is the time to look into PSD2 consultation services if you feel unclear about what changes you need to make for your specific payment service.
TTP and more transparent financial management won’t be the only changes to take place. PSD2 will also:
Lower chargers for consumers and ban surcharges for around 95% of card payments in the EU. This will apply to domestic and EEA payments, saving consumers more than then €550 million annually.
Users will have more financial protection in this new single payment market. There will be better protection against fraud and any other abuses as a result of improved security measures, which are being put in place.
In regards to losses, the PSD2 directive streamlines the liability rules in cases of unauthorized transactions, again further protecting the consumer.
Overall, this updated directive will improve the user experience when paying by card within the EU.
Any company that is a third-party provider, or involved in an EU bank will be affected by the changes this directive brings. All EU banks will be required to implement PSD2 rules into their system – and in some cases, banks and third-party providers outside of the EU might even opt-in depending on how successful this directive becomes.
The important changes affecting businesses that will take place on September 14th include:
All companies providing payment services in the EU will be required to have a payment license. You will need to register with the EBA.
Many online payments will require and SCA (Strong Customer Authentication), which is a two-factor authentication meeting the European Bank Authority’s (EBA) requirements. The SCA confirms the user’s identity, using a two-factor authentication, during the transaction process. One of the most common mechanisms used for card payments is 3Dsecure, also known as “Verified by Visa” or “Mastercard Identity Check”.
Be prepared! Is your payment system PSD2-compliant?
There are a few ways to make sure your business is prepared for the PSD2 directive implementation. The simplest and most time-effective solution is to reach out to companies that provide PSD2 consultation, to ensure that your payment system is compliant with the new rules being put in place. Keeping your systems up-to-date will determine its overall success as technology continues to shape our world.
What you’ll need to make sure you’re payment system is compliant with the PSD2 directive are an SCA, choosing a PSP that is PSD2-compliant, updating or confirming updates of your payment systems and clarifying your TRA.
This will be applied to customer-initiated payments where the user’s bank and business’ payment provider are both located in the EEA. This also applies to UK organizations on departure from the EU.
There are some exemptions to the SCA, which include low-value payments, low-risk payments or reoccurring transactions. But more often than not, you will likely be required to ensure that your checkout process includes an SCA in order for your users’ transactions to go through.
Choose a PSP that is PSD2-compliant
Businesses need to ensure that their PSP (Payment Service Provider) is compliant with PSD2. This simply means that your PSP must offer SCA (Secure Consumer Authentication).
There are many payment service providers that offer a checkout option to make it simpler for businesses to adjust to the changes. They take on the burden themselves, so your business doesn’t need to. Working with PSD2-compliant PSPs will ensure you’re in the clear.
Updates for payment systems or e-commerce solutions
If using a custom payment system, making your business compliant with the new directive will mean you just need to add a bit of code to your checkout process, which will add the SCA. Companies like amazon pay provide this code for their partners in their resources.
In the case of using an eCommerce solution, the changes are most likely going to be automatic, but it’s important to check with them to make sure that this will happen before September 14th so that you don’t end up with declined transactions as a result of not having the SCA in your checkout process. If you are using an existing payment platform, you still need to check if any additional updating with your integration is necessary.
Clarifying your TRA
As an additional measure of compliance, it’s a great idea for your business to confirm with your acquiring bank what their Transaction Risk Analysis (TRA) exemption rate will be. This could increase or decrease the number of transactions that are processed without friction.
If there is an exemption limit on transactions, they will go through as they would have before the PSD2, and your business will be compliant. But transactions outside the TRA exemptions will be required to have an SCA. The final decision on these TRA exemptions lies in the hands of your issuing bank.
PSD2 changes are almost here. The clock is ticking.
With the implementation of the PSD2 directive on September 14th, 2019, there are quite a few changes to be expected. The changes that will be made to online payment processes diminish the banks’ monopoly while opening the doors for other companies to come in and provide financial services. The additional security that will also come with this directive, such as the addition of SCAs to the checkout process, will improve the overall security of these transactions.
For businesses, these changes mean ensuring that your payment processes and services will be compliant with the new rules. Outlined above are some simple ways to ensure your business is up-to-date, to reduce the risk of having transactions declined once the change takes effect.
As a word of advice, don’t hold off on making these important changes. September 14th is just around the corner, and using the right tools will help to keep your business running smoothly. Your business depends on your payment systems still working after PSD2 is implemented. Reach out to us and book a free consultation.