Stay up to date with the industry news!

29 Jun 2021

PSD2 – What It Means for Merchants and MNOs

Marina Lubar

Head of Risk Management

The revised Payment Services Directive 2 (PSD2) for the EU encourages innovation by enabling new financial players the possibility of initiating payments on behalf of the payer. This allows for a faster payment process, while maintaining the highest level of security. Here is the most important information merchants and mobile operators need to know about PSD2.

Key takeaways:

  • PSD2 introduces two new types of third-party payment providers which can process payments: AISP and PISP
  • With the introduction of new players on the market, merchants benefit mainly from lower commissions and more payment options, including the option of fast mobile payments with the highest security standards
  • For mobile operators, PSD2 means they can enjoy the benefits of being a payment institution, without having to go through the long and demanding process of obtaining the PSD2 license themselves, because it can be transferred from one agent to another

How PSD2 came to be

In 2007, the European Union regulatory initiative PSD1 changed the financial services market: its objective was to stimulate competition and transparency throughout European payments markets, improve the quality of services and protect consumers against fraud.

PSD2 is a revised and consolidated version of PSD1, which was passed in 2015 – but the most important aspects for online payments have come into effect in September of 2019.

The goal of PSD2

Besides fraud protection and improving security, the main goal of PSD2 is to make the European payments market more efficient and unified, as well as to level the playing field for payment service providers. It represents a broader shift to open banking and an integrated payment ecosystem in the EU.

For consumers, besides offering more flexibility and making online payments, PSD2 ensures the highest level of data protection. PSD2 is a strongly consumer-focused directive that offers a maximum protection of consumers’ sensitive information with advanced anti-theft and anti-fraud mechanisms.

What’s new with PSD2

PSD2 introduced two new types of third-party payment providers:

 – Account Information Service Providers (AISPs)

Payment Initiation Service Providers (PISPs)

To provide a PSD2-licensed payment service, a third-party payment provider needs to be registered as one or both.

The difference between these is that AISPs can only ask for permission to connect to a bank account, while PISPs have direct access to the banking system via API and are able to initiate online payments directly from the payer’s bank account via an online portal.

The relations between AISPs, PISPs and end users’ bank accounts

Since they act as a gateway for accepting payments, AISPs/PISPs are responsible for maintaining the highest level of security for transactions. This is ensured through strong customer authentication (SCA), which is mandatory for all electronic payments. SCA includes a multi-step authentication that requires two or more of the following elements:

  • Knowledge
  • Possession
  • Inherence
The elements of SCA

An example of an SCA solution is Two-Factor Authentication (2FA). It provides users with an extra layer of security when logging into a website or an application. Instead of just entering a username and a password, and immediately gaining access, the user is required to verify the login with a second factor, which can come from something they know (answer to “a secret question”), something they own (a smartphone, a hardware token), or the system can recognize their fingerprint, face, or voice.

How merchants benefit from PSD2

Lower commissions

In the current ecosystem, online merchants and web shop owners pay large commission to banks for POS machines and payments made through banks. PSD2 enables third-party payment providers to essentially process customer payments in the same way as banks do, but at a smaller fee for merchants, thus reducing their usual payment processing costs.

Bigger reach, more options

Merchants and web shop owners can offer a variety of safe and frictionless payment options to consumers through their payment service provider. PSD2-licensed payment providers enable merchants to sell both digital and physical goods using mobile payments as an alternative to the usual credit card option (such as payments via SMS or online via DCB), or through IBAN-to-IBAN payments.

Safer transactions

By introducing strong security requirements for electronic payments, PSD2 ensures the protection of consumers’ financial data and privacy, obliging third-party payment service providers to apply strong customer authentication (SCA) elements.

Higher conversions

Logically, a simpler and more secure payment process enhances the entire customer experience, which leads to a higher conversion rate for the goods and services provided by a merchant.

How does PSD2 affect mobile operators?

PSD2 has limited the purchase of digital services from mobile operators with a maximum transaction value limit (€50 per transaction and €300 per billing month). If operators want to sell their products and services without a limit on the value of the transaction, they must have the status of a payment institution.

However, PSD2 license holders can in some cases transfer the PSD2 license to another agent who meets the criteria and consequently becomes a full-fledged payment facilitator on the desired market within the European Union.

For mobile operators, this PSD2 license agency means they can easily enjoy the benefits of being a payment institution, without having to go through the long and demanding process of obtaining the license themselves.

Example of a PSD2-compliant payment solution

We are proud to be one of the first (and few) payment service providers in Croatia to obtain the PSD2 license, as of 9th April 2018.

mobiPaY is an example of a PSD2-compliant solution we developed for the Croatian market. It enables online merchants like web shop owners to provide consumers with the option to pay for products and services by sending an SMS, charging the amount to their existing mobile phone bill.

One such customer using mobiPaY to sell physical goods is eMerkato – a Croatian web shop selling home-made products like fruit and vegetables, dairy, meat and other goods from local producers.

eMerkato web shop
eMerkato web shop

For consumers, mobiPaY provides faster and simpler transactions than for example credit cards, which normally require long form fills. Also, mobile payments (carrier billing) have 50-60% higher conversion rates than credit cards. However, advanced antifraud mechanisms enable an equally safe purchase.

Integration of the mobiPaY solution to an existing online system is quick and easy, as we have ready-made plugins for all leading e-commerce platforms.

Step into the future of online commerce with a trusted partner

PSD2 marks another step towards creating a digital single market in the EU, giving consumers more and better choices when it comes to payments. It also increased competitiveness in the payment market, and we’re glad that we are now part of this revolution.

If you are selling online or physical goods in the EU and are looking to meet the new compliance standards for online payments introduced by PSD2, you might be interested to learn more about the payment solutions and services we provide:

Should you have any further questions feel free to reach out to us. You can also connect with me directly on LinkedIn.

Latest posts

07 June 2024

Direct Carrier Billing now Available in Belgium

NTH once more strengthened its relationship with one of Belgium’s gi...

07 June 2024

Enhance DCB Services in Romania Through NTH Mobile

In Romania, home to over 19 million people, NTH has expanded its ...

31 August 2023

Meet us at Global Carrier Billing Summit and World Telemedia

Our team is gearing up for the two prestigious events in the world of ...

Want to discuss a partnership?

Start by contacting us.

    Partner with us