For some time now, as users, we have noticed a change in the way online payments are made. At the same time, customers have also informed us of technical actions they had or were implementing in the payment gateways. And what has all this been due to? Well, because of the European PSD2 regulation.
And what is PSD2, you may ask?
It is an acronym whose meaning is Payment Services Directive 2.0. This is a European regulation that updates the 2007 regulation. This was the first Payment Services Directive at European level (PSD1). The main objective of these directives is the creation of a single payments market in the European Union. In other words, to generate a change in the relationship between money and new technologies. PSD2 was approved in 2015.
This update of the PSD directive is aimed at both consumers and merchants. It promotes the development of a single, more integrated and efficient payments market. It enhances the role of both actors by guaranteeing easier and safer electronic payments as they are the sole owners of the destination of their money and data.
It also allows third party providers (Third Party Providers or TPP) to intervene in the payments. This is known as open banking.
At Spain Royal Decree Law 19/2018 was approved. The regulation includes the rights and obligations of institutions and customers in the area of payment services. The regulation sets out the rights and obligations of entities and customers with respect to payment services. A very relevant issue is the reinforcement of security measures to carry out these transactions, including double authentication or reinforced authentication measures.
And what are its benefits?
Forcing banks to open their online payment systems to third parties also implies the creation of two new types of entities. The PISP (Payment Initiation Service Provider) provides the user with a payment transaction using its platform to connect him to a bank. And the AISP (Account Information Service Provider) obtains a user's financial information from one or more banks.
These new types of entities and the new framework created by these regulations lead us directly towards two benefits tangible assets:
- Better financing conditions. By being able to access customer information, both PISP and AISP can offer optimal financing terms.
- Better advice. The overview of a user's financial situation that can be used using this new legislation will enable these entities to offer more competent products and services by having a more realistic profile of their potential customers.
In addition, the new regulation also provides for greater consumer protection in the event of fraud. Thus, the user will only be liable for unauthorized payments of up to 50 euros, and above that amount the supplier will have to pay the amount defrauded. Under the previous directive this amount was up to 150 euros.
And how does PSD2 affect me as a user?
One of the main novelties is that the new PSD2 regulation introduces Strong Customer Authentication ("SCA") as a way to reinforce the security of your transactions.
With the idea of increasing consumer confidence in electronic payments, it establishes new minimum authentication requirements for the user, for which the SCA (or double authentication) is of great value. This requires the application of 2 or 3 factors to choose between:
- One thing that the user knows (e.g., the password).
- One that you own (e.g., cell phone).
- Another is, for example, the fingerprint or face.
The first one will no longer be enough as it is now, but 2 will be necessary (double authentication or SCA), being the use of biometrics one of the most complex elements to breach as they are unique to each person.
How have ecommerce had to act?
The ecommerce have had to adapt to the new regulations. Modify all their web development in the section of payment methods and cart to adapt to the new regulations as well as all their ERPs so that everything works normally and there are no errors difficult to solve.
Non-payments due to the user's lack of knowledge of how to make the payment or not having access to online banking, the payment is not made and is recorded as an error in the payment or abandoned payment. In this sense has led to declines in conversion rate as some banks do not facilitate the process and do not give priority to their customers to download their application in order to be able to buy online.
In order to try to solve as much as possible these declines in sales and conversion rates, many ecommerces have proceeded to carry out didactic efforts to educate and train their users through mailings of newsletter informing customers how to do so and/or direct contact by phone or email to close the abandoned purchase/payment.
Finally, and to know a little more about how the European PSD2 regulation has affected the Spanish ecommerce, here you have an article by marketing4ecommerce in which they convey the impressions and feelings of several experts and managers in the sector.