The new european directive on payment services, known as PSD2, enters in force today with the aim of improve the security of online transactions and reduce fraud in bank operations made through the internet. To achieve this, the standard introduces a series of changes in the procedures until now established that will affect both consumers and financial institutions.
One of the main innovations is the requirement that the operations of electronic payment is done with the authentication enhanced . What does this imply? When you pay or send money through the network must use a method that meets two of these three requirements: possession (for example, a card or a mobile phone), knowledge (e.g. a password) or himself (a biometric feature such as fingerprint or facial recognition). If this double authentication is enabled, the payments could be rejected.
"For the user is good because it adds so much to level of security," says Olivida Feldman, co-founder of the comparator financial Helpmycash.com.
With this new way of buying by internet, consumers only have to pay the first 50 euros spent with your card when it is lost or stolen . Before, the amount to which they had to cover was 150 euros.
from now on, it will be necessary to have a mobile phone to enter the online banking, which are also applied the new requirements of the authentication is enhanced.
Banco Santander and Bankia, for example, have communicated to their customers to access their bank accounts online or the application will need your access key and a current code that you will receive by SMS on your mobile device . The second factor of safety will only make you miss the first time you access and when you have spent more than 90 days since the last time you asked the user this dual authentication. In addition, there are entities such as Laboral Kutxa or ING that have removed the card of coordinates , so in order to finish the purchase the user will receive an SMS or download the application.
Another of the contributions of the community standard is related to the "open seat". Financial institutions will be forced to give access to the accounts of their customers, if these so authorise, to third-party companies (TPPs) that can carry out services of aggregation of information (collects the financial data that the customer may have in bank accounts of various entities) and initiation of payments (allows you to initiate a transfer of a bank account from the application of this provider). Before, these "third party providers" did not have a legal framework in Spain that would allow to provide and receive these services with due legal security.New players
"For consumers it is a step forward, especially on a key issue: the data ceases to be property of a bank or of a "fintech" and happens to be owned by the user," says Patricia Suarez, president of the Association of finance Users (Asufin).
From Santander to see "positive" the appearance of these third-party companies because "the market opens and improves the competition", but warn that this new scenario requires "a special awareness of the customers on the risks of sharing your information , and should be attentive to the policies and authorizations that make it easier for third parties".
given the complexity of the directive, the Bank of Spain announced this week that be given more time to the providers of payment services to fit to the new requirements. Sources in the sector estimate that the moratorium will be a year and a half.
"This creates the opportunity to apply a technology that does not harm sales , but also the threat of staying back if you do not do anything during that time", it points to ABC Raul Legaz, director of Biocryptology, a company specializing in biometric technology."The new scenario requires a special awareness of the customers about the risks of sharing your information,"
For the e-businesses that had already implemented the authentication reinforced the impact of the PSD2 will be limited, while those that didn't have these levels of security will tailor the gateway payment and migrate to the new, safer procedure.
Antonio Fagundo, a lawyer and CEO of Masaltos.com –sevillian firm of men's footwear–, emphasizes that the directive will allow that to come new financial operators and it will be they who will have to adapt and "ease the life of e-businesses and consumers". In your company, a good portion of the sales from the digital channel.
"Until now, the user is stuck on a web page, paid with card and thereafter generating a series of commissions. One that pays the web page of the bank and the other paid by the consumer. This can make it go away," says Fagundo. "If the customer does not pay with card and use any of the new payment methods that are offered, we take off the commissions of the two", she continues.
Renee Robbie, director general payments SiteMinder, platform attracting passengers centered in the hospitality industry, points out that "the new regulation will inevitably modify the methods of payment online such as we know them today and will force the hotel industry to prepare for a new change ".
yes, Robbie, it highlights that this change is "essential" for guests to trust intrinsically, in the hotels, especially at the time of making the reservations through the web of the hotels because in many countries there is a distrust. "I recently read about a hotel in Budapest had loaded on the card of a guest is the equivalent of 56,000 pounds by mistake instead of 169 which is what it cost the room. I imagine that with the new regulation, this type of errors will not happen", concludesDate Of Update: 15 September 2019, 01:00