Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PSD2: What You Need to Know


Published on

Are you fully prepared for PSD2? Check out all of the information you will need to ensure your organisation's success in this presentation by our very own Harsh Upreti.

Published in: Software
  • Be the first to comment

  • Be the first to like this

PSD2: What You Need to Know

  1. 1. PSD2: What You Need to Know Harsh Upreti
  2. 2. Payments Services Directive – PSD21
  3. 3. What is PSD2 PaymentsServicesDirective- 2 • ADirective(LegalAct)ofEuropeanUnion • Itrequiresthememberstatestoregulatepaymentservicesandpaymentserviceproviders • Itaimstoincreasecompetitioninthepaymentsindustryandincreaseparticipationofnonbanks • Italsoaimstoprotectconsumerrightsandprovideconsumerswithawidevarietyofpaymentservices • TherulesforPSD2aredraftedbytheEuropeanCommissionandapprovedbyEuropeanParliament • PSD2isamoreinnovativeandenhancedthanPSD,whichisalreadyinplace
  4. 4. What is PSD2 Cont.. PSD2 aims to establish a levelplaying fieldbetweenbanks and Third Parties -FinTech's Major players in the PSD2 Ecosystem: Customers Banks Third Parties FinTech's Government Expose Customer Data for Third Parties Consume Customer data from Banks Define and Control Implementation Rules New Entrants
  5. 5. How will PSD2 alter the landscape? Maya Bank Bank Before Bank App Bank App Two logins Not a single view After PISP AISP Bank Bank BankApp BankApp API Gateway API Gateway TPP App Maya Single view and login
  6. 6. Third Party Providers - TPPs What arethe types of TPPs impactedby PSD2 PISP - Payment Initiation Services Providers AISP - Account Information Services Providers Companies which access customer’s bank accounts to transact e.g. debit & credit Companies which can access customer account data to provide financial management services
  7. 7. Regulatory Technical Standards - RTS PSD2 has defined technicalrules that banks and TPPs haveto adhere to. ByreferencetoArticle115(4)PSD2,theRTSwillbeapplicable 18monthsafteritsentryintoforce,whichwouldsuggestan applicationdateoftheRTSinNovember2018atthe earliest.Theinterveningperiodprovidestheindustrywithtimetodevelop industrystandardsand/ortechnologicalsolutionsthatarecompliantwiththeEBA’sRTS. The proposed Regulatory Technical Standards on strong customer authentication and secure communication are key to achieving the objective of the PSD2.
  8. 8. Geographical Scope of PSD2 Source:
  9. 9. Objectives of PSD2 WhatPSD2aimstodo: • Openupcustomerdataaccesstothirdparties • Enablethirdpartiestodirectlyperformtransactionsoncustomeraccounts • Providestricttechnicalstandardsforcommunication(API)andsecurity(Authentication) Whatwillbetheimpact: • Morethirdpartiesbeabletobuildvalueaddedservicesontopofcustomerdata • Paymentsandtransactionswillbedonewithoutamiddleman • Endusers/customerswillgetmorechoiceandbetterservices,possiblyevencheaperservices • Bankswillexposesecure&reliableAPIsforthirdpartyaccess • ThirdpartieswillconsumeAPIsandaggregateinformationfromdifferentbanks • ThirdpartieswillalsoconsumebankAPIstocommittransactionsonbanks
  10. 10. PSD2 Timelines RTS willbe enforced betweenNov 18 & April 19 Source: Deloitte
  11. 11. Two Factor Authentication PSD2 introduces a requirement for strong or 2-factor customer authentication (2FA) using two or more elements out of the following three: – Knowledge: something only the user knows (e.g. a password or PIN), – Possession: something only the user holds (e.g. a card or a token), and – Inherence: something only the issuer is (e.g. a finger print or voice). The elements must be independent of each other, meaning that a breach of one does not compromise the reliability of the others, and they must be designed in a way to protect the confidentiality of the authentication data.
  12. 12. Summary • PSD2impactsBanksandThirdPartyProviders • ThirdPartyProvidersareAISPsandPISPs • BanksandThirdPartyProviderswillcreateandconsumeAPIs • RTSwillcomeintoforcearoundNov2018–Apr2019