Skip links
What is 3d secure and how does it work

What is PSD2?

In today’s digital age, payments are no longer limited to cash and cheques. People are now relying on online payments and mobile banking applications for their day-to-day transactions. As a result, the need for secure and efficient payment systems has increased. This is where PSD2 comes into play.

According to Statista, eCommerce losses from online payment fraud reached 41 billion U.S. dollars globally in 2022. As of 2023, the figure is expected to grow to 48 billion dollars.

A rise in fraud in digital payments has led to new regulatory obligations. In the EU’s Revised Payment Services Directive (PSD2), Strong Customer Authentication (SCA) has become a key requirement for merchants.

To make sure that their businesses are not disrupted, merchants must rethink their payment processes to comply with this new security standard.

What is PSD2?

PSD2 stands for Payment Services Directive 2. It is a European Union regulation that aims to create a more integrated and competitive European payments market while ensuring customer protection and security. The directive was adopted in 2015 and became fully effective in September 2019.

What types of services does PSD2 regulate?

PSD2 regulates two types of services: Payment Initiation Services (PIS) and Account Information Services (AIS). PIS allows third-party providers (TPPs) to initiate payments on behalf of the user from their bank account. AIS enables TPPs to access account information, including transaction history and balance, with the customer’s consent.

The regulation also requires banks to provide access to their customer’s account information and payment services through Application Programming Interfaces (APIs). These APIs allow TPPs to securely access the user’s bank account data and initiate payments without the need for the user to share their login credentials with the TPP.

What is the relationship between PIS &PSD2?

The relationship between PIS and PSD2 is essential as PSD2 requires all banks to open up their APIs to TPPs for initiating payments. TPPs can use these APIs to build payment initiation services and offer them to their customers. PISPs (Payment Initiation Service Providers) provide payment initiation services, enabling users to pay for goods and services directly from their bank account without needing a debit or credit card.

AISPs (Account Information Service Providers) provide account information services, allowing users to view their account information from multiple banks in a single application. For example, a consumer could use an AISP to view their bank account information from various banks in one application instead of logging into each bank’s website separately.

Are there any PSD2 exemptions?

PSD2 also provides some exemptions, such as low-value payments and payments between two parties with a pre-existing relationship. The regulation also allows banks to apply exemptions for transactions that are deemed low risk, such as recurring payments or transactions with trusted beneficiaries.

What do I need to do to comply with PSD2 SCA?

To comply with PSD2’s Strong Customer Authentication (SCA) requirements, banks and TPPs must ensure that transactions are authorised using two or more authentication factors. The factors must be independent of each other, such as something the user knows (such as a password), something the user has (such as a phone), or something the user is (such as a fingerprint).

SCA is an essential part of PSD2, and it aims to increase the security of online payments and prevent fraudulent transactions. It provides additional security measures to verify the user’s identity and ensure that only authorised payments are made. It is crucial to comply with PSD2’s SCA requirements to ensure the security and privacy of user data.

How do I enable 3D Secure?

In conclusion, PSD2 is a regulation that aims to create a more integrated and competitive European payments market while ensuring customer protection and security. 

From Trust Payments, TRU Connect is your fastest route to online payment acceptance, making your business totally compliant with PSD2 through any device or channel.

Whether you are trading in Europe or the UK, you can now get the most up-to-date security for your eCommerce transactions with our fraud prevention software.

Ready to get started with PSD2? Contact us to schedule a consultation.

Security statement

Security is our top priority at Trust Payments and we strive to ensure that all data is kept secure at all times We keep all customer data safe with AES256 encryption, SSL Certificates, and a minimum of TLS1.2, between your website and our datacentres.

Our systems are scanned quarterly using the Qualys PCI Platform, an independent Qualified Security Assessor (QSA) and approved vendors – Omnicybersecurity (UK) & Forgenix (US) – to ensure compliance with the security requirements of the card schemes.

We follow a number of rigorous security procedures on a daily basis including, but not limited to, continuous monitoring of our perimeter, dark web monitoring, and internal checks to ensure that CIA triad is maintained at all times.

Keep up with the latest in payments!

Fill the form below to sign up to our mailing newsletter.