Skip to content

Directive On Payment Services (PSD2) and Customer Authentication

The revised Directive on Payment Services (PSD2) is to be implemented in January 2018. PSD2 is going to introduce new rules focused on opening access to payment account information to 3rd parties.

The Payment Services Directive (PSD, 2007/64/EC) is an EU Directive, administered by the European Commission (Directorate General Internal Market) to regulate payment services and payment service providers throughout the European Union (EU) and European Economic Area (EEA).

Authentication procedures will be based on the following 3 elements – knowledge, possession, inherence. These elements should be independent to ensure that compromise of one does not compromise the other(s). The process of authentication should aim to protect the confidentiality of the authentication data and connect it to the amount and payee for remote electronic payments in a dynamic manner.

If you’re concerned about customer authentication, turn to, the #1 high risk processor in the US that offers unmatched security and protection for payment processing. EMB has an A+ rating with the BBB and is rated A by Card Payment Options. EMB is one of Inc. 500’s Fastest Growing Companies of 2016.

The EU’s 1st Payment Services Directive was introduced in 2007. Later, after the revision of the PSD, EU decided to include online-based payment services. The new PSD2 was enacted by the European Commission in October 2015. It’s projected to enter into force in January 2018.

The 2nd edition of the Payment Services Directive will bring its consequences in the field of customer authentication for payments in online trade. Ideally, this will lead to a high level of convenience and security for end customers and enable merchants and service providers to gain competitive advantages through new services.

The 3rd parties will be providers of account information services (AIS) and providers of payment initiation services (PIS) under PSD2. They will need a license as such. AIS providers will be able to extract a customer’s account information data, including transaction history and balances. As for PIS providers, they will be able to initiate online payments to e-merchants directly from the payer’s bank account using an online portal.