PSD2 Directive – Changes in banking throughout the European Union
On September 14, an EU directive enters into force, which introduces new rules for logging into banking systems. They require the use of our smartphone with a code sent via SMS or a scanned fingerprint, which will probably make it difficult for tourists and seniors to use banking services.
It must be admitted that the solution will undoubtedly increase the security of internet and mobile banking. However, the convenience of using the current form of logging in to banking systems will be felt especially by people using computer banking.
The PSD2 directive enters into force today. PSD2 (Payment Services Directive) is the EU’s regulations on payment services, bringing with it serious changes for consumers and banks. In addition to a different login method, we will more and more often enter the PIN code when paying with a card. PSD2 applies to all Member States that had to adapt to it by implementing the regulations by September 14, 2019. But these are not the only changes that have just entered into force. Here are the most important of them.
- Strong Authentication Procedure
One of the most noticeable changes for consumers is that the identity of any consumer using electronic payment services will have to be double-verified. For example, by password and rewriting the code from the phone or by scanning the fingerprint.
The directive states that the strong authentication procedure must be applied when the payer:
- gets access to his online payment account,
- initiates an electronic payment transaction,
- performs activities via a remote channel that may involve a risk of payment fraud or other fraud.
- Less liability and faster claims
PSD2 reduces the customer’s liability for unauthorized transactions.
In the event that the consumer is lost, stolen or misappropriated the payment instrument, he will not be liable as he could not have been aware of the loss. It has been assumed that in the case of an unauthorized payment transaction, he will have to pay EUR 50, and not EUR 150, as before, the remaining responsibility falls on the service provider, and the complaint time is reduced to 15 working days from 30 days that were in force so far.
- Small Paying Institution
MIP is a new type of small-scale payment service provider. Small Payment Institutions may be natural or legal persons or organizational units that are not legal persons but have legal capacity, which will be able to operate after being entered in the register by the Polish Financial Supervision Authority, will not have to obtain a license, but will have to meet two requirements.
- The volume of MIP turnover cannot exceed EUR 1.5 million per month,
- 2 thousand euro is the maximum amount that can be kept from one customer.
- Open banking – a new type of service provider
The directive introduces a new type of service providers in the payment market that can act as intermediaries in payment services, the so-called TPP (Third Party Provider) , i.e. providers of external institutions next to banks and other payment entities.
They can provide two types of services for us:
- (AIS) Account Information Service – informing about the status of many bank accounts, which will make it easier to see the status of your finances in many different banks
- (PIS) – Payment Initiation Service – assisting in making payments using the customer’s bank account on their behalf. The TPP is to initiate payments in a specified amount to a specific recipient and report to the client about the execution of orders.
Banks will have to provide the above TPP – with the customer’s consent – access to his accounts. The list of TPPs will be provided by the Polish Financial Supervision Authority.
Beware of scammers
In the first weeks after the new regulations enter into force, it is worth being vigilant. The Polish Financial Supervision Authority warned that paradoxically, the new law increasing security may initially be an opportunity for fraudsters.
Criminals may try to extort confidential information,incl. by carrying out phishing attacks, which can lead to identity theft or theft of funds.
The Polish Financial Supervision Authority announced that suspicion should arouse all kinds of e-mails, SMS and contact attempts referring to the entry into force of new solutions.
If in doubt, please contact your payment service provider.