Customers or financial companies – who wins with PSD2?
The Payment Services Directive (PSD) was adopted in 2007 as the legal foundation for new and safer payment services across the EU. The objective was to make cross border payments efficient and secure by harmonising payment products, infrastructures and technical standards.
But technology has moved on, with new services offering more, and often cheaper, alternatives for internet payments. PSD has had to be revised to cover them. So we now have PSD2 designed to support new technology, increase competition and provide a level playing field for payment providers and users, while increasing security for customers.
Will it achieve this?
Customers are demanding new and better ways to pay. PSD2 will mean third parties will be able to act as middlemen between clients and banks – and provide those new solutions. These Third Party Providers (TPP’s) are Payment Initiation Service Providers (PISP) and Account Servicing Payments Provider (ASPSP).
With a PISP, instead of entering card details at checkout customers will be asked to give their bank details. If they agree they will be taken to their banks internet banking site to give permission for the transaction direct from their account.
Direct integration of their bank account with the merchant will increase speed at check out – if customers can be persuaded to change their behaviour.
Aggregating all a customer’s financial information in one place provides a real commercial opportunity to cross sell – making the ASPSP particularly attractive to comparison websites.
Customers need to enter the login details for their bank accounts to let the ASPSP gain access to their account via API. In the past, this was not possible in the UK as a customer giving their login details to an aggregator would be breaking the terms and conditions with their bank. In fact, there are already companies using statement scraping to deliver a measure of aggregation – something of which customers are probably not aware of.
The benefit to customers is that they can consolidate all their accounts in one place. Those companies that can offer the best User Experience will win these customers.
Banks feel that giving access to their core platform through API is insecure. PSD2 will introduce new Regulatory Technical Standards (RTS) for new security and customer authentication methods, although they will not be defined until after the deadline for implementation of PSD2.
As the RTS sets the standard for the API, banks may currently be using this delay as a reason to resist opening their APIs. It’s hard to say exactly what their next move will be.
Certainly, banks will need to make investment in systems that could reduce their revenue streams and introduce more competition if not managed properly.
The impact of PSD2 will be enormous and should not be underestimated; bringing in new players, new services, new experiences, greater disruption to traditional service providers and creating a more competitive environment.
It also means questions. If the transaction disintermediates card schemes and acquirers there will be a saving for the Merchants. Will they pass on this saving to the customer, or will the banks introduce a new charge to counter the lost revenue from interchange?
Where does liability lie if something goes wrong? What will the unidentified and unintended consequences be?
And perhaps most important of all: Will frustrated bank customers take up the offerings of these new service providers, or will the banks get their act together and deliver the kind of service their customers are starting to demand?
At Trusek, we help to provide the answers.