Cards
APMs
Chargeback Management
Subscriptions
Antifraud
Pricing
Documentation
API Reference
Support
Status Page
Blog
Glossary
Payment Page demo
The Payment Services Directive (PSD) is a regulatory framework introduced by the European Union to regulate payment services and payment service providers within the EU. The directive aims to promote competition and innovation in the payments industry, enhance consumer protection, and improve the security of electronic payments. The PSD has undergone several updates, with the most recent being PSD2, which was introduced in 2015. Discussions are underway about the possibility of introducing a new update, PSD3.
Table of Contents
PSD2 vs PSD3: Key Differences
PSD2 introduced several significant changes to the regulatory framework for payment service providers. One of the most notable changes was the requirement for Strong Customer Authentication (SCA) for most electronic payments. SCA requires customers to authenticate their identity using two or more factors, such as something they know (e.g., a password), something they have (e.g., a phone), or something they are (e.g., a fingerprint).
However, PSD2 has faced criticism for being overly complex and difficult to implement. One major focus of PSD3 is on simplifying and streamlining the regulatory framework for payment service providers. PSD3 is also expected to introduce more streamlined and effective security measures to replace SCA.
PSD3 is expected to clarify the regulatory framework for Third-Party Payment Providers (TPPs) and promote the development of new and innovative payment services. It is also expected to introduce measures to prevent fraud and scams and enhance consumer protection.
PSD2 & PSD3: Key Features
- Strong Customer Authentication (SCA): PSD2 requires that all electronic payments be authenticated using at least two independent elements, such as a password and a fingerprint. This is aimed at reducing fraud and increasing security for online payments.
- Open banking: PSD3 enables customers to share their financial data with third-party providers (TPP) with their consent. This creates new opportunities for innovation and competition and enables customers to benefit from new and more convenient services.
- Access to Payment Accounts: PSD3 allows third-party providers (TPPs) to access payment accounts held by customers at other financial institutions with the customer’s consent. This is intended to increase competition and innovation in the payment services market.
- Transparency and Interchange Fees: PSD2 requires that interchange fees for card-based payment transactions be capped and that merchants be informed of the fees charged for accepting card payments.
- Fraud reporting: PSD2 requires that payment service providers report any fraud to the relevant authorities and PSD3 is expected to strengthen anti-fraud mechanisms.
- Increased competition: PSD3 aims to increase competition in the payments market by allowing new players, such as fintech companies, to enter the market more efficiently.
What do PSD3 Changes Mean for Merchants?
Merchants will likely benefit from the increased focus on security and fraud prevention under PSD3. More streamlined and effective security measures are expected to reduce the number of fraudulent transactions, which can be costly for merchants.
PSD3 is also expected to promote innovation in the payments industry. This could lead to the development of new payment services and business models, which could benefit merchants by increasing competition and providing more options for accepting payments.
However, the regulatory framework for TPPs under PSD2 has been criticized for not being clear and consistent across the EU. PSD3 aims to clarify this framework, which could make it easier for merchants to work with TPPs and benefit from the services they offer.
One of the concerns merchants have about PSD3 is the potential cost of implementing the changes. PSD2 was costly for merchants to implement due to the requirements for SCA, and it is unclear whether the new security measures under PSD3 will be any less costly.
PSD3 could also have implications for the relationship between merchants and their customers. If the new security measures are too cumbersome or complicated, it could lead to frustration and dissatisfaction among customers. Merchants may need to invest in educating their customers about the new security measures to avoid any negative impact on customer experience.
Clarifying the Regulatory Framework for TPPs
One of the major changes that PSD3 is expected to introduce is clarifying the regulatory framework for TPPs. Under PSD2, the regulatory framework for TPPs was not clear or consistent across the EU. This created barriers for TPPs to operate in different member states and hindered the development of new and innovative payment services.
PSD3 aims to clarify the regulatory framework for TPPs, making it easier for them to operate across different member states. This could benefit merchants by providing more options for accepting payments and improving competition in the payments industry.
PSD3 is also expected to promote the development of new and innovative payment services. This could create new business models that benefit both merchants and consumers. However, it remains to be seen how the regulatory framework for TPPs will be clarified under PSD3 and what impact this will have on merchants.
Strengthening Security Measures
Another major focus of PSD3 is strengthening security measures for electronic payments. While PSD2 introduced SCA as a mandatory requirement for most electronic payments, the implementation of SCA has faced criticism for being overly complex and creating friction in the payment process. This can result in abandoned transactions and a poor user experience.
PSD3 is expected to introduce more streamlined and effective security measures to replace SCA. These new security measures could include biometric authentication or the use of tokenization. Tokenization is the process of replacing sensitive payment data with a unique identifier or token, which can help to reduce the risk of fraud and protect the privacy of customers.
The new security measures under PSD3 could benefit merchants by reducing the number of fraudulent transactions, which can be costly for merchants. However, there are concerns about the potential cost of implementing these new security measures.
Potential Cost of Implementing PSD3
One of the concerns that merchants have about PSD3 is the potential cost of implementing the changes. PSD2 was costly for merchants to implement due to the requirements for SCA, and it is unclear whether the new security measures under PSD3 will be any less costly.
The potential costs of implementing PSD3 could vary depending on the specific security measures that are introduced. For example, if PSD3 introduces biometric authentication, merchants may need to invest in new hardware or software to support this type of authentication. Similarly, if PSD3 introduces tokenization, merchants may need to update their payment systems to support this new technology.
It is also possible that the new security measures under PSD3 could lead to additional costs for merchants in the form of increased transaction fees. Payment service providers may need to invest in new technology and infrastructure to support the new security measures, which could be passed on to merchants in the form of higher transaction fees.
Impact on Customer Experience
PSD3 could also have implications for the relationship between merchants and their customers. If the new security measures are too cumbersome or complicated, it could lead to frustration and dissatisfaction among customers. Merchants may need to invest in educating their customers about the new security measures to avoid any negative impact on customer experience.
The potential impact on customer experience highlights the importance of designing security measures that are both effective and user-friendly. A balance needs to be struck between security and usability to ensure that customers are protected from fraud and scams without experiencing unnecessary friction in the payment process.
When will PSD3 Arrive?
Even though PSD3 is still in its preliminary phases, the adoption and formalization of the new directive could take place as early as the next 3-5 years, considering the history of PSD2, which was adopted in 2015 and came into force in 2018.
Conclusion
PSD3 is expected to introduce several significant changes to the regulatory framework for payment service providers. The new directive is expected to clarify the regulatory framework for Third-Party Payment Providers, promote the development of new and innovative payment services, and introduce more streamlined and effective security measures.
These changes could benefit merchants by reducing the number of fraudulent transactions, increasing competition in the payments industry, and providing more options for accepting payments. However, there are also concerns about the potential cost of implementing the changes and the impact on customer experience.
The ultimate success of PSD3 will depend on its ability to strike a balance between security, innovation, and usability. If the new directive can achieve this balance, it could have a positive impact on the payments industry and benefit merchants and consumers alike.
