Light Dark
November 9, 2016 By Assaf Regev 3 min read
Banking & Finance
Fraud Protection

The new revised Payments Services Directive (PSD2) is designed to open the market to new forms of regulated payments and has a direct effect on the entire European payment industry. The directive will grant access to customer bank accounts and transaction data to third-party providers via a dedicated set of application program interfaces (APIs).

An Open and Innovative Environment

The original Directive on Payment Services was created in 2009 as a uniform payments directive across Europe. The PSD2, scheduled to be enforced in early 2017, puts greater emphasis on the digital channel as a means of creating a more open and innovative environment for banking customers, while also opening the stage to new third-party providers.

One of the most important parts of the new directive is the access to the account for Payment Initiation and Account Information Services (XS2A). To access the relevant data, Account Information Service Providers (AISPs) may need to use open APIs to request account information and initiate payments from a specified account.

Another stipulation refers to the addition of Payment Information Service Providers (PISPs), which can initiate payment transactions. This is a big change — there are currently only a handful of payment options that can take money from one account and send it elsewhere, such as the Single Euro Payment Area (SEPA).

The PSD2 in Action

Let’s look at a typical online purchase for an example of how the PSD2 might affect consumers and providers alike.

When a customer shops online, instead of entering credit card information, the online retailer will request access to his or her bank account. Once the customer agrees to share those details, he or she will be redirected to the bank’s website to provide the necessary permissions.

This is similar to the way applications request access to a user’s Facebook or Gmail account today. In lieu of sharing his or her banking details with the online merchant, the user will simply grant permissions to the bank to execute online payments on their behalf.

The next time the customer attempts to access the same retailer, he or she may be required to grant the permissions again, or they will stay active until the customer chooses to revoke them.

PSD2 regulations also provide an opportunity for banks and other financial institutions to address digital transformation. The underlying security and an open API platform can help level the playing field between the various players, with the goal of increasing competitiveness and delivering increased value to end users.

Watch the on-demand webinar to learn more about PSD2

Security Versus Convenience — Why Not Both?

PSD2 is designed to foster innovation, enhance transparency and drive competition by enabling new players to enter the financial services industry. It also aims to enhance consumer protection, increase convenience and contribute to a more integrated and efficient European payments market overall.

IBM Trusteer solutions can help organizations step up to the challenges and opportunities presented by the new regulation. These include strong customer authentication, transaction/session signing and enhanced electronic payments. Trusteer supports the development of user-friendly, accessible and innovative means of payment and provides real-time recommendations regarding login attempts, session time out and validity of authentication across both web and mobile.

Additionally, Trusteer Pinpoint Detect works in conjunction with additional products and services to further enhance fraud identification and remediation across many attack vectors. By aggregating and correlating evidence-based threat intelligence, risk-based indicators, behavioral analytics and in-depth fraud information, we can help organizations meet their security demands. This approach allows enterprises to concentrate on providing innovative banking and payment solutions while balancing security and user convenience.

Learn More

To learn more about the challenges and opportunities presented by PSD2, watch our on-demand webinar, “Ready, Steady, GO — PSD2 is Coming” or download the white paper, “The Impact of PSD2 on Authentication and Security in European Financial Institutions.”

 |  |  |  |  |  |  | 
Assaf Regev

More from Banking & Finance
December 19, 2024

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

November 26, 2024

What’s up India? PixPirate is back and spreading via WhatsApp

8 min read - This blog post is the continuation of a previous blog regarding PixPirate malware. If you haven’t read the initial post, please take a couple of minutes to get caught up before diving into this content. PixPirate malware consists of two components: a downloader application and a droppee application, and both are custom-made and operated by the same fraudster group. Although the traditional role of a downloader is to install the droppee on the victim device, with PixPirate, the downloader also…

November 7, 2024

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature