Payment Services Directive Explained: A Simple Guide

What is PSD2? - Wallester

Payment Services Directive 2 (PSD2) is a banking regulation connected with customer payment services, which was adopted in the European Union on 12 January 2016. Its implementation in European Economic Area finished on 31 December 2020, and the UK final deadline was 14 March 2022. The previous Payment Services Directive the European Parliament adopted in 2007.

Since then, everything from the technological and market point has changed in EU member states. The number of credit and debit cards drastically surged to over 810 million in Europe in recent years.

The European Commission and European economic and financial regulators established the same rules for card issuers, e-commerce, and other payment-related businesses. They created a new directive to protect consumers, resolve complaints and increase competition.

A revised payment services directive eases the life of banking services consumers. Its primary goals are to:

  • Increase the security of banking operations.
  • Protect customers from fraud.
  • Foster innovation and competition in the banking domain with Third Party Providers (TPPs).

In the next section, let’s discuss how regulation drives innovation and consumer security.

An overview of how the PSD2 fosters innovation, consumer protection, and security

The adoption of PSD2 was mainly oriented toward consumers of online banking services. The security and safety of customers are based on Strong Customer Authentication (SCA), Transaction Risk Analysis (TRA), Secured Communication, and Risk Management.

The security requirements of SCA can reduce fraud and increase safety while providing better customer experience and services.

The primary security measure for consumers is two-factor authentication. It includes information based on such principles:

  • Knowledge – it is something that is known only to the consumer (i.e., PIN, OTP password)
  • Possession – it is something that only the customer may possess (i.e., phone, card, token)
  • Inherence – it is something only the user is (i.e., biometric characteristics like a fingerprint and facial recognition)

Security features from a technological point of view are based on 3D Secure. It is a standard security protocol in the payments industry, which allows:

  • A flexible approach for low-value transactions.
  • Smooth integrations with Apple Pay, Google Pay, and other providers.
  • Richer authentication data to be sent to a user, increasing authentication rates.  

If a consumer lacks one security level, i.e., a mobile phone, other security measures should not be compromised.  

The customer can avoid strict security measures in two cases:

1. Low-value recurring payments (e.g., 30 Euros)
2. Making regular payments to “whitelisted” merchants

In such cases, a consumer doesn’t require passing 3D Secure measures.

The main drivers for innovation with PSD2:

  • Competition forces third parties to offer innovative solutions, which facilitate customer care and security.
  • Bank and TPP may use consumers’ data to “guess” customers’ preferences and provide top-notch services for them.
  • Multi-factor authentication makes it easy to use and secure for banking clients.  
    The following section will show how third-party providers can bring innovative solutions for better customer service.

How Third-Party Providers (TPPs) will drive payments competition and innovation

Customers used to get access to their banking accounts only through banks. But with PSD2, new players in the “financial services field” have appeared. Third-Party Providers (TPPs) are new companies with access to users’ bank accounts to initiate payments or/and provide information services to customers. Banks provide these organizations with secure application programming interfaces (APIs) according to specific regulatory technical standards. This technological innovation increases competition between payment service providers in the EU and the UK.  

We can divide TPPs into two categories:

  • Account Information Service Providers (AISPs). These companies have access to customers’ accounts to deliver information services. As a result, users can gather all information from different accounts in several banks in one app, giving consumers greater control of their finances.
  • Payment Initiation Service Providers (PISPs). These organizations initiate payment on customers’ behalf, so they don’t need to visit their bank.

Payment services providers’ involvement enhances customer service for consumers and merchants.

Users can manage their financial situation better by tracking all accounts from various banks with one TPP app. Customers can monitor the best banking offers in one place without searching for them, visiting different websites, and comparing. Those AISPs save so much time for users.

The following section provides a more detailed analysis of what innovations brings to customers.

How does PSD2 affect consumers?

The EU regulators have conceived an updated law as a “helping hand” for users. They obtain the convenience of banking operations as well as improved protection. Let’s take a closer look at how it benefits consumers.

Payment initiation

Consumers can allow PISPs to initiate payments on their behalf without visiting banking establishments. This feature is possible due to SCA, particularly with 3D Secure, and saves lots of time for customers.

Advanced apps (account aggregation, money exchange)

Account aggregation through APIs can help to collect, collate and share users’ financial data (credit and debit card data, mortgages, loans, deposits, etc.) from various sources (different banking organizations). Imagine if a consumer has several loans, deposits, and mortgages in one bank and similar accounts in another. Before the PSD2 adoption, it would take hours for them to figure out what assets and liabilities they had.

Now, a customer can get this information with a button click.

Currency exchange has also become less cumbersome. A consumer doesn’t need to visit banks. Currency exchange rates and other necessary data are provided via APIs using financial data from the bank.

Cardless withdrawal

Modern apps allow so-called “cardless withdrawal.” To transfer money to the recipient, a customer needs to know only their phone number. The person who receives the money can do so without a credit or debit card.


Digital coupons enable easier shopping and e-commerce transactions for consumers. Keeping those bonuses in a single app saves more time for them. There is no need to search for the right coupon in virtual or physical form for a specific purchase.

Instant P2P payments

P2P (“peer-to-peer”) payments usually refer to transfers between your family and friends. All you need to know is the email or phone of the person you want to send money to. But be cautious because you can’t get your money back since you approved the remittance.

Decoupled cards

These cards can be connected to the banking account but not provided by the bank that opened this account. Only licensed Fintech companies and merchants can issue those kinds of cards, support them and offer services with lower costs for customers.

No surcharges on payments covered by the Interchange Fee Regulation

The  “surcharging” banking practice has become obsolete with PSD2. So now, new innovative technologies can’t be used as an excuse for extra commission fees. Of course, consumers are very pleased with this.

Increased security for payment services

As mentioned above, SCA has a few levels of user protection. Besides these security measures, it is possible to use dynamic links to the number of operations and the payee account for remote transactions. Those features can protect you from fraud and mistakes during transfers.

For low-value payments, there are exemptions, which we mentioned before.

Open banking

When banks provide access and control via APIs to financial and personal consumers’ data to TPPs, this is called “open banking.” Instead of centralization, a network of TPPs can securely share customers’ data with other financial institutions. Consumers gain access to all possible banking services from many banks within a single app. Besides adding third-party capabilities to make  direct debits on behalf of the customer, open banking also allows cross-border payments.

Implications for all

PSD2 implementation considering payment systems significantly impact several groups. So let’s look at some of the consequences for these entities.


The EU banks need to provide open access to data and create innovative business models and revenue sources within financial ecosystems or platforms by developing open APIs and sharing them with third-party companies. Collaboration with those entities enables banks to decrease time to market and costs.

Although PSD2 is focused mainly on retail payments for consumers, banks started offering services for corporate customers and investors, improving customer care.

Payment companies

With open access to payment accounts and systems, competition in the Fintech sector drastically increases. However, integrations with payment providers, networks, and merchants’ points of sale can help gain extra points for payment companies.

Card processing bank divisions and credit card companies will be affected because retailers and other industries prefer to use open APIs rather than card processing.  

Other ecosystem participants

New PISPs with third-party access requirements will arise in the payments market. Non-bank corporates like Amazon and Fintech companies receive access to consumer banking data and offer them a new level of customer experience.

Consumers obtain a high level of security and a broader range of convenient new services, saving them time and money on immediate electronic payments via mobile apps, including P2P payments and cash withdrawals. As a result, online and mobile payments will rise significantly in the following years.  

Five takeaways: the anticipated benefits of PSD2 for merchants

  • Two-factor authentication helps execute payments with increased security and convenience
  • Fraud rates will decrease, which leads to more considerable trust
  • Various payment options for consumers expedites turnover and enhances customer experience
  • They can access some of the customers’ data with AISPs to make risk assessments
  • Ability to analyze users’ payment flows, balances and find the highest value customers.

Prepare yourself for PSD2

PSD2 enhances security with SCA, 3D Secure, and improves customer experience with nifty features and boosts innovation in the financial sector with TPPs. With Fintech companies like Wallester, you can fully experience all benefits of PSD2. All VISA cards on Wallester platforms have strong customer authentication (SCA) features for secure payments and guarantee regulatory compliance with PSD2.

Contact us for more information here.


What does PSD2 mean for banks?

Banks must give access to their consumers’ personal and financial data to Third-Party Providers (TPPs) through APIs. PSD2 means enhanced protection of banking consumers’ rights. Cooperation with TPPs allows banks to provide better customer service and experience with innovative banking solutions.  

Where can I find details of the notification process for firms seeking to benefit from the Limited Network and Electronic Communication Exclusions provided for under Regulation 45 of the Payment Services Regulations 2018/Article 37 of PSD2?

All information is available on your country’s Payment Institutions section of the Central Bank website.

What does the development of TPPs mean for e-commerce merchants?

With the aid of AISPs, they can access customers’ data and analyze it to provide top-notch timely service according to consumers’ needs and wants.

But a new order urges sellers to seek more appropriate ways to obtain customer consent to store their payment data for both parties. Merchants must comply with General Data Protection Regulation (GDPR) in this case.  

Concerning the PSD2 directive, what is the new timeline?

A new deadline for PSD2 in the EU was set by the European Banking Authority (EBA) by December 2020. However, a new deadline has been nominated for 14 March 2022 by the Financial Conduct Authority in the UK.

Please, improve your experience!

You’re using an unsupported web browser. As Wallester supports the latest versions, we highly recommend you use an up-to-date version of one of these browsers: