Introduction to PSD2 - part two

Transactions without the traditional players

In our previous blog post, we looked into PSD2, what it is and how it might affect banks’ business. This post takes a look at one of the key parts of PSD2: XS2A.

What is XS2A?

Access to Account (XS2A) might be the biggest technological innovation in retail banking since the internet. The XS2A opens up for bypassing actors in the existing e-commerce ecosystem. The Card Scheme and the Acquirer will be by-passed since XS2A allows direct communication between the Merchant and the Customer’s Bank. For in-store payments, this paves the way for solutions without the need of a Point-of-Sale. The shopping experience in-store can be similar to e-commerce transactions.

Third-Party Providers and XS2A

The inclusion of  Third-Party Providers (TPPs) might be the most significant change in PSD2, where Access to Accounts (XS2A) is introduced. Banks and other financial institution must give certain licensed third-parties Access to Account information, and can not treat payments that go through Third-party Service Providers any differently.

There are two types of TPPs, the Account Information Service Providers (AISP) and the Payment Initiation Service Provider (PISP). The AISP provides information about your accounts and balances, and the PISP initiate payments without going through the traditional payment networks.

Traditional e-commerce Transaction

Today, when shopping online, you decide what to buy, and complete your purchase using your card. The merchant will have an Acquirer, who will then contact the customer’s card scheme e.g. MasterCard or Visawho will then pull the payment, debiting the customer’s bank account.

 

Post PSD2 transactions

When all aspects of PSD2 are rolled out and put into motion, the traditional e-commerce transaction explained above will be disrupted. Instead of entering all your debit or credit card details, you will then be asked whether you want to give the retailer access to your bank account. By agreeing, the merchant takes you to your bank’s internet banking site where you give the required permissions.

How Facebook login and permissions flow is today

This is comparable to how you use your Facebook or Twitter information to log into your apps and websites, without ever exposing your details to the service providers.

You will not give your bank login details to the webshop, and the bank will never access your retailer login details, you simply give permissions to the webshop to execute payments on your behalf via your bank account.

Innovators have already begun

The new Payment Services Directive is being put into force now. Requiring issuers, banks, merchants and all other actors involved in the payment ecosystem, to adapt to the changes. This has already driven innovation in the space with new players disrupting the traditional existing roles in the payment ecosystem. Seqr is an example of a mobile wallet that utilizes access to the account (XS2A) in order to create a great mobile payment app. The app allows users to pay using QR codes, or by using the contactless capability on their phone, to deduct the money from the user-selected account. What other services will we see taking centre stage as PSD2 (spreads) takes hold?

Our mission at MeaWallet is to help our clients simplify mobile payments and support implementation. Our team is passionate about the subject and continually looking at the evolution and trends in the mobile payments space. We welcome your comments or invite you to get in touch directly with us at contact@meawallet.com 


MeaWallet and Latvian Investment and Development Agency

MeaWallet has signed an agreement with Latvian Investment and Development Agency for participating in a support funding programme related to business development, expansion and international export of products and services. The cooperation allows MeaWallet to market it's Products and Services widely in different industry exhibition and conferences.

SIA “MeaWallet Latvia” ir noslēdzis 08.07.2016. līgumu Nr. SKV-L-2016/546 ar Latvijas Investīciju un attīstības aģentūru par atbalsta saņemšanu Darbības programmas “Izaugsme un nodarbinātība” 3.2.1. specifiskā atbalsta mērķa “Palielināt augstas pievienotās vērtības produktu un pakalpojumu eksporta proporciju” 3.2.1.2. pasākuma “Starptautiskās konkurētspējas veicināšana” ietvaros, ko līdzfinansē Eiropas Reģionālās attīstības fonds.


Introduction to PSD2 - part one

PSD2 - what is it, and what will change?

PSD2 has been on “everyone’s” tongue in the banking industry the last year or two. A follow-up from the first Payment Services Directive, it aims to change the way retail banking is performed in the EEA.

The Payment Services Directive (PSD) is an EU Directive that was put into force late December 2007, regulating payment services and payment service providers in (European Union) EU and European Economic Area (EEA). The Single Euro Payment Area (SEPA) defines the interoperability of payment products, infrastructure and technical standards, such as ISO 20022, IBAN, BIC, rule books for credit/debit transfers and more.

The PSD provides the legal framework within which all Payment Service Providers (PSPs) must operate. The Directive's purpose is to increase Pan-European competition and participation in the payments industry. Also from nonbanks, and to provide for a level playing field by harmonizing consumer protection and the rights and obligations for PSPs.

The key changes in PSD2

The Payment Services Directive 2 is designed to make cross-border payments as “easy, efficient and secure as national payments” and improve competition by opening up payment markets to new entrants. In this chapter, a few of the most important changes will be covered.

Authentication

PSD2 gets increased security rules for consumer authentication, where its goal is to reduce the fraud. All PSPs will be required to apply “Strong Customer Authentication” (two-factor authentication) when someone initiates an electronic payment transaction. Strong Customer Authentication gives consumers and merchants higher protection against fraud by setting higher requirements for user authentication.

Consumer protection

The PSD2 seeks to get better protection for the consumers, by no longer allow PSPs to charge payers for making the appropriate notification in the event of loss/ misappropriation of the relevant instrument. PSPs therefore will need to revisit their policies in this respect and adapt them accordingly to follow the new regulation.

Third-Party Providers and XS2A

Third-Party Providers (TPPs) might be the most significant change in the PSD2, where Access to Accounts (XS2A) is introduced. Banks and other financial institution must give certain licensed third-parties Access to Account information. At the same time, they can not treat payments that go through Third-party Service Providers any differently. There are two types of TPPs, the Account Information Service Providers (AISP) and the Payment Initiation Service Provider (PISP). The AISP provides information about your accounts and balances, and the PISP initiate payments without going through the payment networks.

Change with the changes

At MeaWallet, we believe that PSD2 will change retail banking as we know it. It will speed up the digitalization of the banking sector. As a result, new services arising as a result of the new payment directive, the consumers will further increase their demands and requirements from their bank. In a competitive landscape, the winners will be the ones meeting the digitalization up-front with innovative solutions and services. Not the ones clinging on to their legacy.

Our mission at MeaWallet is to help our clients simplify mobile payments and support implementation. Our team is passionate about the subject and continually looking at the evolution and trends in the mobile payments space. We welcome your comments or invite you to get in touch directly with us at contact@meawallet.com