Watch Out 2018! Changes To Payments Coming Soon

payment authorisation

“Revolutionise”, and “Earthquake” are two of the many words used to describe what could happen to European payments and banking in 2018.

Banks, payments service providers and merchants (anyone who takes payments online or in-store) are already gearing up for new data protection legislation, in the form of GDPR, but they also need to get ready for PSD2, which comes into force in January 2018.

The Revised Payment Services Directive (PSD2) aims to improve consumer protections, increase competitiveness in the sector and should give consumers new payment options. All of which could have a big impact on the payments and financial services sector in 2018.

What PSD2 could mean in practice

In practice, this new legislation could have limited impact in the short-term. It depends on how the financial sector reacts, how ready – or not – new players are to enter the market, or existing players are ready to adopt new roles and, most importantly, how much customers are aware of the real impact of these new financial options.

Under PSD2, bank customers can give third-party providers access to their financial information, giving them the ability to manage their finances. Of course, this permission doesn’t extend to any company. Permissions extend outside of traditional financial institutions to AISPs (Account Information Service Providers).

At the same time, banks need to share more consumer financial information with Payment Service Providers (PSPs). Banks can also take on either role – act like an AISP or PSP – through open APIs, which means you can have your money in one account, but have another service provider or platform manage it or transfer funds, pay bills and therefore, potentially, offer you new financial products tailored around a much wider data pool than banks have traditionally been able to access.

Open banking?

Security is a key theme within PSD2.

Europe and other regions are keen to ensure that customers’ data is secure, which is a topic constantly in the news thanks to the unceasing rise of data breaches and cyber attacks. And yet, what we are talking about is turning the financial sector into another platform; “Banking-as-a-Platform.”

APIs – the technology interfaces that allow you to create an online account using Facebook or Twitter – are at the centre of this financial technology revolution. The question, therefore, we need to ask is “will this make financial services more secure?”

In response, thanks to PSD2 and GDPR, security will get tighter. PSD2 does mean that more alternative payment methods (APMs) can access the market and reach more customers since they can take on board AISP or PSP roles and offer new services. However, banks aren’t going to give access to account and balance information without knowing that the security processes and systems third-party providers are using is bank-level secure.

Customers are going to need to know their data is secure too. Open banking is only going to be as open as security, technology and customers allow, which is likely to mean more two-factor authentication, biosecurity and other measures to prevent fraud and data breaches in 2018. Everyone wants choice and competition, but that can’t come at the cost of easier access for cybercriminals and hackers. We wait and see how much PSD2 impacts the financial and payments sector next year and whether it’s actually on the same magnitude as an earthquake.

To discuss how these changes may affect your organisation, contact our team: Call +44 (0)808 159 7217 or email [email protected]