PSD2 was approved by the European Parliament on 16th November 2015, and came into force last week. The first countries expected to ‘transpose’ PSD2 will be the UK, Bulgaria, Denmark, Germany, Austria and France. Mondato expects Poland and Iceland to be among the last.
The directive is exciting for the mobile content and commerce community because it gives them a little more scope to act as payment enablers. As part of our Mobile Money Working Group, MEF has issued a comprehensive guide explaining the complex PSD2 Directive and the opportunities and challenges it presents for your business.
Authored by mobile financial services experts Mondato and exclusively available to MEF members, the free guide is designed to help you better understand the changes and to assist in developing a sound PSD2 compliance strategy, while recognising the many new opportunities to be created.
Here are seven of its key messages:
More opportunities for direct operator billing
MNOs could traditionally ‘charge to bill’ for voice and ‘mobile consumables’ without being licensed as payment institutions. PSD2 expands these exclusions for digital content to cover charity donations and electronic tickets.
New limits on charge to bill amounts
Mobile operators can only offer individual charge-to-bill transactions at below EUR 50 each, with a monthly cap of EUR 300.
Banks to allow ‘Access to Accounts’ (XS2A)
Banks will have to release APIs so that any regulated “third party payment provider” (TPP) – with permission – can get access to bank accounts.
Opportunities for ‘Account Information Service Providers’
If and when banks open access to their APIs, start-ups may be able to create new products by using the information, with the consent of the account holder. Thus, one can imagine financial management apps that analyse a consumer’s many accounts and then tailor the best offers.
Opportunities for new payment providers
The PSD2 allows for TPPs such as “payment initiation service providers” (PISPs) to initiate payment transactions. These PISPs can offer a direct link to the bank account if the customer authorises it. This way, the customer can initiate a transfer direct from the current account to the merchant.
A new era of ‘push payments’
XS2A holds the potential to change the way payments are made. At present, consumers give the merchant their credit or debit card details, from which the merchant can ‘pull’ the amount owed via the card scheme. Under PSD2, this changes. Instead, the customer pushes the payment. It means merchants no longer need to accept credit/debit cards.
Strong customer authentication by law
The new law mandates new security requirements where the payer accesses a payment account online or initiates any kind of electronic transaction. It advises “strong authentication”, which effectively means two-factor authentication will be the minimum security standard. Draft technical standards will be submitted to the Commission within 12 months of PSD2 entering into force. PSPs that do not comply with this requirement will be responsible for any losses due to identity fraud.