Your message is highly valuable for us. One of our experts will follow up with you within 1-2 business days to discuss your request or to inquire for additional information if needed.
Reading time: 10 minutes
PSD2 is a complementary directive of the first Payment Service Directive (PSD) law that was adopted in 2007. In 2018, PSD2 was forced onto national laws and regulations of every EU Member State. PSD2 law allows bank clients, either businesses or private individuals, to use external vendors for financial management.
In essence, by a customer’s consent, banks are legally obliged to expose customer data to intermediaries, like FinTech companies or startups. Due to this law, in the near future, you may use a specific application to pay your bills, perform auditing, analyze your spending, and make currency transactions while your funds are still stored on a particular bank account. Banks must provide the customer account access through open API’s (application program interface). This allows third parties to create financial services on top of the bank’s data and infrastructure.
PSD2 directive will fundamentally change operational relationships, the use of customer’s account data, and the scope of profitable business models. By enforcing this law, the European Commission fosters innovation, improves customer protection, and safeguards online payments within the European Economic Area. Most importantly, it introduces two new types of performers within the financial landscape – the AISP and PISP.
Account Information Service Providers (AISP) have access to the account data of the bank’s customers. Such providers have the ability to gather a client’s account information into one overview and analyze it to outline the users’ spending habits. Payment Initiation Service Providers (PISP) initiate payments on behalf of the user, which results in fewer parties involved and does not require the customer to reveal his payment card details.
Here is an illustration of how PISPs and AISPs will alter current cooperation models between banks and their customers.
Depending on how PSD2 is applied throughout the European Union, banks have the opportunity to either become AISPs or PISPs, which will open a wide range of business opportunities. Certain banks are already leveraging blockchain, artificial intelligence, big data and other new technologies into their commercial practices, and the implementation of PSD2 will soon motivate banks to redesign their business models to retain a competitive advantage and compete for new market positions. Let us further explore specifically which opportunities and challenges PSD2 creates for customers, as well as the Banking and FinTech industry.
How PSD2 Benefits Customer Experience
1. Improved Consumer Convenience
PSD2 directive is directed towards a customer-centered approach. It is designed to provide comprehensive control of the financial assets to the client, regardless of the bank where his account is registered. Currently, to make an online payment, customers have to share their card details with vendors like MasterCard, which then receive the payment from the client’s account by intermediaries. With PSD2, card details will not have to be shared, and the transactions protected by sophisticated authentication methods, which makes internet purchases comfortable and secure against cyber fraud.
2. Safe Transactions Between Accounts
An advanced multi-factor consumer verification is one of the major components of the PSD2 directive. This method is used to validate the user that requests a transaction in real-time. The two-factor authentication (2FA) will create a secure space for payment services around the European Union, and significantly decrease fraud rates. It will enable clients to promptly execute online payments between the accounts. However, in certain cases, when a specific currency rate is exceeded, the bank may require extra risk profile authentication, for example, a single-time password verification or facial recognition. Once additional verification is passed, the actual transfer is complete. With the PSD2 API framework, comfortable P2P payments will also be available for customers. The user would just select a contact at their smartphone, and issue a payment without having to know the bank account details of the recipient.
3. Customized Financial Offers
The directive forces banks to provide secure access to a customer’s accounts to Trusted Payment Providers (TPP), in case the customer allows doing so. TPPs can assemble and analyze the most vital bank data, like income records, debts, purchasing history and create a whole scale view of a specific customer. By analyzing the gathered data, TPPs can develop relevant financial offers like loans or investment advice and propose these customized offers to a certain customer.
4. Decreased Card Fees.
The implementation of PSD2 enables customers to avoid a network of third parties in the PCI environment. By the current “pull” payment model, vendors request payments via card schemes, by which API interacts directly with the user’s bank or an intermediary. With PSD2, a “push” model will be used, where the funds will be extracted directly from the client’s account via API and will be transferred straight to the merchant.
It is clear that PSD2 offers a wide range of advantages for the customers. Users will be able to receive individually designed profitable financial offers, conduct convenient payments between the accounts with decreased fees and ultimate safety.
PSD2 as the New Opportunities for Banks
1. Monetize Additional Data.
Although the PSD2 directive obliges banks to provide customer data, this obligation accounts only to certain types of data. The provision of additional information, like customer demographics, debit mandates and other non-payment related data remains optional. As a result, banks have a choice of whether to exceed minimum PSD2 requirements or not. This creates an opportunity to monetize additional APSs and cooperate with intermediaries to establish new services and wares based on the latter data types. For example, banks could share the customer’s identity and mortgage data with a home insurance service provider, yet only with the customer’s consent.
2. Monetizing Customer Insights.
Providing customer insights allows financial instructions to create a customer-centered digital banking portal in an ecosystem of synergistic relations with the bank and the TPPs. Such services will not only improve customer loyalty, but will also create new profit generating options for both banks and trusted payment providers. Moreover, if the bank offers PISP or AISP services, it could notably improve its ability to trade customer insights. Such data monetization will provide a competitive advantage to banks and will allow for the creation of new sources of profit. An example of insight monetization may be brokered services, such as discounts. Banks will receive certain fees from the partner, while the customer obtains a relevant price reduction, and the partner receives new business at decreased acquisition costs.
3. Expand the Ecosystem and Accumulate Value.
Aside from different monetization opportunities, banks could create efficient partnerships with both internal and external third parties. The services could be consolidated and new products owned by intermediaries could be offered via the bank’s online portal. The same concerns client data that is stored on third-party company systems, but could be presented on the bank’s portal. This would allow the banking platform to reflect the customer’s daily needs and transactions. By placing itself in the middle of such an ecosystem, a bank could take on a more significant role in a customer’s daily life, and have the opportunity to become:
- an adviser and propose different purchasing options;
- assemble specific components to create end-to-end solutions for clients;
- support the client’s daily buying processes.
With the implementation of the PSD2 directive, European banks have opportunities to monetize specific types of information and customer insights to create additional sources of revenue, as well as establish ecosystems and work in close cooperation with FinTech intermediaries while offering additional services to customers. The following scheme shows the difference between conventional commercial practices before PSD2, and the newly emerging open banking, the work of which is based on the directive.
PSD2: Challenges for the Banking Sector and CIOs
1. Rapid Data Delivery.
Together with the Markets in Financial Instruments Directive (MiFID), PSD2 requires increased transparency and faster data delivery. In certain cases, monthly reports will have to be delivered in a matter of minutes. The major challenge for banks is that their existing infrastructure is not designed to cope with such a delivery speed. The volume of financial transactions will inevitably increase and poorly adapted systems will lead to slowdowns, glitches, and complete system failures. This might lead to an inability to cope with the bank’s regulatory deliverables and cause a negative impact on customer experience and loyalty. The only solution is to keep pace with change and invest in infrastructure advancement and big data technologies to be able to cope with the demands of data delivery speed.
2. API Performance Issues.
Flawless work of application programming interfaces is an integral part of PSD2 compliance for banks. This may sound simple, yet CIOs and IT teams struggle to maintain efficient API systems that banks rely on. The main issue is that internal systems could receive requests from numerous PSD2 API’s. A successful third-party marketing campaign could trigger unforeseen performance issues, which again could have a harmful effect on customer experience. The damage could escalate due to the fact that customers can easily switch to a competitor’s bank that does not have any performance related issues. Once again, the solution is to increase investments into the IT department to safeguard the bank from API performance failures.
3. PSD2 and Cybersecurity.
The PSD2 directive rules will soon alter financial cybersecurity. Today banks rely on direct customer interaction and make decisions whether a specific transaction is fraudulent or not on their own. The main challenge for banks is to provide a secure infrastructure for TPPs. To prevent real-time fraud banks use specific software the models of which are trained over a period of 18 months or more. After the implementation of new PSD2 transactions through TPPs, it will take a lot longer to create scores that reflect the financial risk. The financial cybersecurity branch will need to perform precise transaction monitoring, and possibly set new rules to prevent sophisticated cybercrimes. However, PSD2 regulations allow banks to block intermediary access to account data if the bank provides evidence that the actions of third parties are fraudulent or unauthorized.
The PSD2 directive will soon transform the financial industry of the European Union. The directive regulations are consumer-centric and offer many conveniences for bank clients, such as personalized financial proposals and reduced fees. Moreover, it offers new business opportunities for both FinTech companies and banks. FinTechs will act as third parties and have unparalleled opportunities for financial application development and efficient collaboration with financial institutions. Banks will have the ability to monetize client data and insights, thus generating additional revenue. Despite a number of challenges, the directive is bound to be implemented, and banks will soon need to take action and design new business strategies that comply with the directive.
Infopulse Experience with PSD2 & Open Banking
Having about 30 years of experience in software development, Infopulse specializes in the digital transformation of international banks, improvement of payment services and financial data exchange. Infopulse supports fast PSD2 implementation and the transformations that are occurring within the banking sector.
One of our latest projects concerning PSD2 implementation, involves the consumption of API’s from other banks, which permits the client to add accounts from external banks to his own bank. The project meets all of the PSD2 compliance regulations and enables the customer to:
- Administer agreements for fetching accounts from external banks.
- Conduct a single domestic payment on external accounts with a due date today or in the future.
- View the latest transactions on external bank accounts.
- Examine the status of due payments on external bank accounts.
If you are looking for a strong digital services partner who can help you to comply with the PSD2 directive, feel free to explore the wide range of solutions we have for the financial industry.
About the Author
Oleksandr Nikolaienko has 20 years of overall IT experience, 15 years of which he dedicated to project management and business analysis. He contributed to the development and delivery of financial software, risk management solutions, internet and mobile banking solutions. He has proven expertise in managing the entire portfolio of projects in FinTech, Logistics, and Telecom. Oleksandr is a highly qualified expert having earned such international certifications as Project Management Professional (PMP)®, Certified ScrumMaster® (CSM), Certified SAFe 4 Agilist® (SA), and ICAgile Certified Professional – Delivery at Scale (ICP-DAS).  .