PSD2 - Payment Services Directive, second edition
Back in 2007, the european "Payment Services Directive" (PSD) was introduced. It aimed to:
- guarantee fair access to all payment systems in order to boost competition, thereby increasing their efficiency and reducing their cost;
- increase the transparency of payment service and fix the rights and obligations of payment services users and providers;
- make cross-border payment services as easy, efficient and certain as payment services within a Member State;
- provide the legal framework necessary to create a Single Euro Payments Area (SEPA).
Now in 2019, a lot has already been written and discussed about PSD2. But what does it mean for you? Take a look at what will become possible soon.
Payment transactions in Europe are constantly changing and reinvented. Banks and other companies frequently develop new smart services that help you manage your money affairs more easily.
To ensure that these innovations become possible and that they remain safe, the EU has made new rules. With more competition between payment service providers and better consumer protection. These new rules are set out in the 'Payment Services Directive 2' (PSD2) that entered into force on 29 July 2018.
You notice the existence of these new rules especially when something changes. For example an extra check when logging in. Or nice new services that we come up with for you.
Easier payments, a better overview
PSD2 supports innovation and the development of new services that help you manage your money and your budget. Such services often require the use of payment data.
PSD2 therefore defines a framework for sharing your payment details with payment service providers easily, securely and always with your explicit consent.
As a result, paying for online purchases will soon be even easier and you will be able to access all your payment data, even from different banks, in one place and on one screen.
New for other companies than banks
Companies other than banks can also offer new financial services. With PSD2 you can share your payment details with them. But only if you want to. And you give that company explicit permission for that. Otherwise they cannot get access. And rest assured, giving access does not go unnoticed.
In order to give permission, you provide a proper ‘explicit consent’ . The way it works is that you get redirected to an internal ING secured dedicated website where you do select the country of your ING account (ING Luxembourg). You then click ‘Next’ and you get access to an authentication page. Per default, the Luxtrust Token authentication page will be displayed allowing you to put your credentials (User ID, Password, OTP), but you can still select another authentication mean such as Luxtrust Mobile App, Luxtrust Smartcard, LuxTrust Scan or also Luxtrust Signing stick, if you want to.
From that moment on, you can then, depending of the service:
- select which account you want to grant access to for a 90 days period (Account Information Services)
- select which account you want to use to initiate a payment every time you do so (Payment Initiation Services)
- select which account you want to grant access to for an unlimited period of time until revocation (Confirmation Availability of Funds)
Only then does another company have access to your payment accounts. So you see, you don't just give permission. You really have to do something for that yourself !
And if you do not give permission to another company, nothing will change for you.
Now only ING can access your payment details. With the arrival of PSD2 you can also share that data with other companies. If you give those companies permission, at least. You decide yourself which companies entrust your payment details to you. In myaccount.ing.com you can see exactly which companies you have given permission to.
Other banks and other industries may also soon offer account information services and payment services. Of course, not every company can do that just like that. There are strict requirements and they must apply for a permit for this.
What should you pay attention to?
You also have to stay alert for phising emails . Every change, and now also PSD2, is a reason for criminals to send them.
Connect as a payment service
Developers and payment services find all the information they need on ING's Developer Portal to connect to ING's PSD2 related APIs