PSD2 payment services directive

PSD2 is about to shake up the financial industry – here’s what you need to know about this new European regulation

Financial Institutions Mobile Operators
  • It’s no secret, competition drives innovation. PSD2 could change the face of the financial industry
  • The new regulation will foster an improved customer journey and ironclad security based on strong customer authentication
  • With IDEMIA’s identity management and authentication solutions, financial institutions have the best tools in hand to seize new business opportunities brought by this regulation.

Think of the items you use in your everyday life – chances are these products were either born out of competition or drastically improved by it. In 2018, financial institutions expect for the same surge in innovation with the revised Payment Services Directive (PSD2).

Fueling innovation

Competition drives innovation – from the technology we use, to the food we eat, and right down to the way we shop. And the “I-want-it-now” mantra of modern times has customers constantly hunting for the next big thing – keeping developers and innovators on their toes and fueling disruptions across countless industries. The essence of this idea is the major takeaway from the European Union’s PSD2.

Entered into force this year, the new regulation requires banks to hand over the keys to a vault of customer data to third parties -- with customer consent, of course. For the first time in industry history, new entrants will have the opportunity to step up and create financial products and services with full access to incumbent bank data. While financial institutions could look at the new law with a certain level of uneasiness, the underlying innovation factor is undeniable – which is a win not only for customers, but for the banks themselves.

Can easy also be secure?

Here’s a very relatable example: right now you may have bank accounts with several financial institutions, which means logging on to multiple mobile apps or websites, flipping between tabs and trying to analyze your spending habits across several platforms.. With PSD2, banks or third party fintechs can become aggregators -- meaning that they can directly access user bank accounts and compile all transaction data on a single platform. While aggregators alone are nothing new (they already existed thanks to a previous regulation loophole), PSD2 ensures that authorized aggregators will now follow strict guidelines to ensure a high level of protection of consumers. In the past, the users had to take the risk to entrust their aggregator service provider with their bank account credentials. With the open interfaces introduced by the regulation, consumers can now safely ask their different banks to grant access to their data for this aggregation service. The streamlined process not only simplifies the user experience, but data protection is more enhanced than ever with the requirement of Strong Customer Authentication (SCA).

As the global leader in Augmented Identity, IDEMIA is on the cutting edge of SCA solutions. SCA requires the verification of at least two of three independent authentication factors – inherence (biometric data), possession (something you have, namely your smartphone) or knowledge (a PIN code, for example) – to carry out any remote action that may imply a risk of payment, fraud or other abuses. So, let’s say you want to take out a home loan. Today, that means compiling months of bank statements and other financial documents and sending to a broker. In the post-PSD2 world, IDEMIA’s biometric solutions allow you to remotely prove that you are, in fact, you and give the loan company the greenlight to collect the data themselves, directly from your bank transaction history -- leaving you with more free time.

Speaking of free time, let’s talk about shopping. We all do a lot of it online these days and we’re all familiar with that tedious checkout moment when we have to get off the couch, grab our wallet and type in the credit card number. Sure, a lot of e-shops give customers the option to save their card details – but what happens if the site gets hacked? Instead of letting third party sites store your financial information, with PSD2 you can grant them temporary authorization to initiate payment directly from your bank account.

When the highest level of protection is required with SCA, at IDEMIA we are convinced that it should not be at the expense of convenience. Shoppers can have a seamless SCA experience thanks to IDEMIA’s CloudCard+ – a mobile solution that allows them to easily prove their identity by combining up to three authentication factors: the smartphone they own, a PIN they know and who they are (with their biometrics).

An opportunity to better serve consumers

Remember those “I-want-it-now” customers I mentioned? Well, their banking expectations are rising as well. Which means that PSD2 and the bump in competition is good news for financial institutions. Open access to data will give banks the opportunity, and the motivation, to streamline their offers, enhance websites and apps, provide new flashy services – all great tools to attract new customers, namely digital natives.

The backbone of all these new developments will be secure and streamlined identity management and verification. At IDEMIA, this is the core of our DNA and we’re ready to take the next step forward with our banking partners and usher in a new era of innovation.