Qubepay PSD2 and PSD3

The European Union’s Payment Services Directive (PSD) has been a cornerstone in regulating electronic payments and fostering innovation within the financial sector. With the introduction of PSD3, significant updates and changes are on the horizon. Let’s delve into the key differences and updates between PSD2 and PSD3.

1. Scope and Coverage

PSD2: Introduced in 2015, PSD2 aimed to enhance consumer protection, promote innovation, and improve the security of payment services across the EU. It brought significant changes, including the introduction of Strong Customer Authentication (SCA) and the facilitation of open banking.

PSD3: Building on the foundation of PSD2, PSD3 aims to address the evolving landscape of digital payments. It expands the scope to include more comprehensive regulations on open finance, ensuring a broader range of financial services and products are covered¹.

2. Strong Customer Authentication (SCA)

PSD2: SCA under PSD2 required multi-factor authentication for electronic payments to reduce fraud and enhance security. This included something the user knows (password), something the user has (smartphone), and something the user is (biometric data).

PSD3: PSD3 introduces more stringent SCA requirements, focusing on improving the robustness of authentication processes. It aims to reduce friction for consumers while maintaining high security standards¹.

3. Open Banking and APIs

PSD2: PSD2 was a pioneer in mandating banks to open their payment services and customer data to third-party providers (TPPs) through APIs, fostering competition and innovation.

PSD3: PSD3 takes this a step further by enhancing the quality and performance of APIs. It aims to standardize API functionalities across the EU, ensuring a more seamless and reliable open banking experience².

4. Consumer Protection and Fraud Prevention

PSD2: Focused on protecting consumers from fraud and unauthorized transactions, PSD2 introduced measures like liability caps and mandatory refunds for unauthorized payments.

PSD3: PSD3 strengthens these protections by introducing more comprehensive fraud prevention mechanisms and risk-based approaches to fraud detection. It also emphasizes the protection of consumer data and privacy³.

5. Regulatory Framework

PSD2: As a directive, PSD2 required transposition into national laws by EU member states, leading to some inconsistencies in implementation.

PSD3: PSD3 introduces the Payment Services Regulation (PSR), which will be directly applicable across all EU member states without the need for national transposition. This aims to create a more harmonized and consistent regulatory environment².

6. Licensing and Supervision

PSD2: PSD2 set out the requirements for the authorization and supervision of payment service providers (PSPs).

PSD3: PSD3 refines these requirements, focusing on the licensing and supervision of both payment and e-money institutions. It aims to simplify the licensing process and ensure more stringent oversight².

The transition from PSD2 to PSD3 marks a significant evolution in the EU’s approach to regulating digital payments. By addressing the challenges and opportunities presented by the rapidly changing financial landscape, PSD3 aims to enhance consumer protection, foster innovation, and ensure a more secure and efficient payment ecosystem.

Stay tuned to Qubepay.com for more updates and insights on PSD3 and its impact on the payments industry.