The way European businesses and consumers pay for goods and services online is about to change with the second edition of the Payment Service Directive (PSD2) regulations, to go into effect Jan. 13, 2018. And it is payment service providers and third party payment platforms who will be the beneficiaries.
Through PSD2, the stronghold that banks have over a customer’s personal information will somewhat diminish. Banks will have to share customer and business data with third-party PSPs, should the customer/business choose to pay for goods or services through such a third party.
Experts have offered their insight on what EU consumers are going to see, and it includes neutrality between banks and PSPs, tighter security restrictions for all parties with an adoption of more effective authentication methods.
Part of the impetus of PSD2 is heavy emphasis on payments and information security. In fact, businesses and consumers should get familiar with the term, ‘strong consumer authentication,’ which is based on three elements:
- Knowledge: Something only the user knows.
- Possession: Something only the user possesses.
- Inherence: Something the user is.
These three elements – the required use of two of the three – comprise the new standard in consumer authentication. A single password will no longer be considered sufficient. Additionally, all three elements must be independent of one another, so as not to compromise the dependability of the other two.
Some examples of strong customer authentication include:
- 3D Secure versions 1.0 and 2.0
- Two-factor authentication
- Biometrics: a fingerprint or even a retina scan
- CVV code
Competition between banks and payment service providers
With the implementation of PSD2, the playing field between banks and payment service providers is going to level off. The reason for this is that PSD2 will mandate banks of customers give third parties (PSPs, social media channels and apps that offer payments) permission to retrieve customer account information from banks when the customer/business wants to make a payment through a third party.
At first glance, it may seem that enabling third parties to access customer/business account information doesn’t seem safe, as if the mission of PSD2 is contradictory in enabling wider access to consumer/business sensitive information. However, the new security standards mentioned above offer evidence to the contrary.
Since third party payment service providers are going to be able to compete with European banks for business, banks are going to have to get creative in attracting and maintaining customers and businesses to use their services. Cutting edge and robust security features will play a role in attracting new business.
Says one expert, the competition between banks and PSPs will drive banks to limit transaction fees – and be more transparent with them – for card payments.
Payment processing with Instabill
Instabill has been among the best payment service providers in the high risk e-commerce space since 2001 and has stood the test of time through adapting to regulatory changes from governments and governing bodies within the industry. Have a five-minute conversation with one of our merchant account managers today at 1-800-530-2444. We likely have a payment solution for you.