The acronym PSD2 refers to the revised European Payment Services Directive, which has been in effect for electronic payments since September 2019. This is a European regulation whose main objective is to increase payment security and improve consumer protection. It also aims to increase the competitiveness of the online sector by evening out payment systems, putting large and small companies on the same level. Even though it’s mainly aimed at third-party payment platforms and banks, eCommerce businesses, as beneficiaries of these kinds of transactions, must be aware of its requirements to be able to adapt to them. Below, we’ll explain everything you need to know about the PSD2 regulation.
One of the most relevant changes introduced by the PSD2 was the possibility of making payments on eCommerce platforms so that payment platforms can be integrated into online stores with maximum security. This reduces the number of parties involved in the electronic transaction, improving the user experience as well as their trust in the brand.
You should also consider:
Two-step authentication for eCommerce purchases
With this regulation, Europe requires online stores to verify the identity of all of their clients using at least two of the three possible methods. This is called two-step authentication. Its goal is to reinforce user security and prevent fraud. The three possible methods of validation are:
- Identification through something you have: your mobile phone or ID number
- Identification through something you know: your username or password
- Identification through biometric features: your face, eye, or fingerprint
Once aware of this, new eCommerce businesses and those that are still in the process of adaptation should check with their website development team to see if they need to make any changes to their checkout process or if the payment gateway is adapted to PSD2.
Open Banking: direct access to customer banking information
Another new aspect of this European legislation for electronic payments is Open Banking, which offers businesses the possibility of accessing users’ banking information to speed up transactions, always with the customers’ explicit permission. This process optimisation benefits both the eCommerce business, through reduced costs, and the customer, who saves time and clicks.
The merchant’s direct access to the banking details is provided through APIs to keep the users’ security intact. APIs allow merchants to contact banks directly and reduce or eliminate the role of the payment providers.
Exceptions to the PSD2 in eCommerce businesses
It won’t be necessary to comply with this regulation and request double authentication in the case of:
- Low-value transactions
- Recurring payments or payments of the same amount to the same supplier or merchant
- Payments to trusted payees
- Pre-verified mobile purchases
While at first users had some doubts about the steps required to comply with the PSD2, they’ve gradually become accustomed to it and consider their transactions to now be more secure. For your eCommerce business, we recommend checking the costs of adapting to this regulation as well as the fees charged by different payment gateways and providers. Integrate them into your pricing strategy to reinforce customer engagement with your brand, your products, and your services.