The European Union’s Payment Services Directive (PSD) has been a cornerstone in regulating electronic payments and fostering innovation within the financial sector. With the introduction of PSD3, significant updates and changes are on the horizon. Let’s delve into the key differences and updates between PSD2 and PSD3.
1. Scope and Coverage
PSD2: Introduced in 2015, PSD2 aimed to enhance consumer protection, promote innovation, and improve the security of payment services across the EU. It brought significant changes, including the introduction of Strong Customer Authentication (SCA) and the facilitation of open banking.
PSD3: Building on the foundation of PSD2, PSD3 aims to address the evolving landscape of digital payments. It expands the scope to include more comprehensive regulations on open finance, ensuring a broader range of financial services and products are covered1.
2. Strong Customer Authentication (SCA)
PSD2: SCA under PSD2 required multi-factor authentication for electronic payments to reduce fraud and enhance security. This included something the user knows (password), something the user has (smartphone), and something the user is (biometric data).
PSD3: PSD3 introduces more stringent SCA requirements, focusing on improving the robustness of authentication processes. It aims to reduce friction for consumers while maintaining high security standards1.
3. Open Banking and APIs
PSD2: PSD2 was a pioneer in mandating banks to open their payment services and customer data to third-party providers (TPPs) through APIs, fostering competition and innovation.
PSD3: PSD3 takes this a step further by enhancing the quality and performance of APIs. It aims to standardize API functionalities across the EU, ensuring a more seamless and reliable open banking experience2.
4. Consumer Protection and Fraud Prevention
PSD2: Focused on protecting consumers from fraud and unauthorized transactions, PSD2 introduced measures like liability caps and mandatory refunds for unauthorized payments.
PSD3: PSD3 strengthens these protections by introducing more comprehensive fraud prevention mechanisms and risk-based approaches to fraud detection. It also emphasizes the protection of consumer data and privacy3.
5. Regulatory Framework
PSD2: As a directive, PSD2 required transposition into national laws by EU member states, leading to some inconsistencies in implementation.
PSD3: PSD3 introduces the Payment Services Regulation (PSR), which will be directly applicable across all EU member states without the need for national transposition. This aims to create a more harmonized and consistent regulatory environment2.
6. Licensing and Supervision
PSD2: PSD2 set out the requirements for the authorization and supervision of payment service providers (PSPs).
PSD3: PSD3 refines these requirements, focusing on the licensing and supervision of both payment and e-money institutions. It aims to simplify the licensing process and ensure more stringent oversight2.
The transition from PSD2 to PSD3 marks a significant evolution in the EU’s approach to regulating digital payments. By addressing the challenges and opportunities presented by the rapidly changing financial landscape, PSD3 aims to enhance consumer protection, foster innovation, and ensure a more secure and efficient payment ecosystem.
Stay tuned to Qubepay.com for more updates and insights on PSD3 and its impact on the payments industry.