What is PSD2?

What is PSD2?

As we are approaching the end of 2020, PSD2 cannot be called something entirely new. Payment Services Directive 2 was passed a few years ago on 25. November 2015. However, as with most European directives, it had a pretty long transition period. September 2019 was the final deadline for implementing strong customer authentication (SCA). (This info is not as widely shared, but there have been extensions to this deadline.) It might have been the moment when this directive made an impact on people’s lives. And, of course, the interest from the general public had made the topic of PSD2 popular again.

The (first) PSD

Number “2” appears in PSD2 for a reason. Actually, PSD2 was introduced to replace PSD – Payment Services Directive which was introduced in 2007. Its primary purpose was to facilitate international financial transactions within the EU borders. It described in detail which institutions can provide financial services and the rules they have to adhere to. Its regulations covered client-institution relationship. It provided guidance to the transparency of information, liability, and suggestions about the right way to authorize transactions.

One of the most tangible benefits of PSD was the introduction of the Single Euro Payments Area (SEPA) which basically means that money transfers in euro within the EU borders are as fast and cheap as internal ones. Something that seems very obvious now, but didn’t exist only ten years ago.

PSD1 (as PSD is sometimes called since the introduction of PSD2) had served its role properly and provided a legal framework for financial institutions with the EU and European Economic Area. However, as we live in the modern world things are changing fast. As innovative and comprehensive as it was in its time, PSD1 did not provide enough legal coverage for all the internet-based financial operations that are part of our day to day reality in the second decade of the twenty-first century. The need for change became apparent.

PSD2 – Why did we need a new one?

PSD2 is an entirely new document that replaced PSD. However, it builds on foundations taken for it. It is more specific and restrictive in some areas (e.g. the need for SCA) but provides new perspectives for the industry. While PSD was the first attempt to regulate and standardize the financial sector in the EU, PSD2 goes even further.
It was designed with four main goals in mind:

  1. Contribute to a more integrated and efficient European payments market
  2. Improve the level playing field for payment service providers (including new players)
  3. Make payments safer and more secure
  4. Protect consumers

Below you are going to find more details concerning each of those points. If you are interested in the short digest form, you can check our article: What does PSD2 mean for you?

Contribute to a more integrated and efficient European payments market

This was the main purpose of the first PSD. PSD2 is designed to be even more comprehensive in this respect. It includes institutions and services that were out of the scope of PSD. PSD2 regulates transactions taking place between one party that comes from within the EU and the other that is from outside the EU (one-leg transactions). It gives them the same legal protection as it does to the transactions taking place between the parties based in the EU.
Under PSD1 payments made via telecom providers were unregulated. PSD2 limits this exemption to micropayments for digital services only.
On the other hand, though, it promotes the idea of Open Banking, by obliging financial institutions to share their clients’ data with third parties (on clients’ request) via APIs. This last change not only contributes to the market but also introduces a new level of competition which should be very beneficial to the general public.

To support this integration and efficiency, core banking systems play a crucial role in managing and facilitating these new regulatory requirements.

Improve the level playing field for payment service providers (including new players)

PSD2 introduced the legal coverage for the entirely new concept in finance i.e. Third Party Providers (TPP). They have existed before but were outside of the scope of PSD. In accordance with PSD2, the rules for them are the same as for the traditional payment service providers. They will have to be registered, licensed, and supervised by the appropriate authorities. Furthermore, they will have to comply with the security requirements provided.

The introduction of Third Party Providers should encourage new players to enter the market. Moreover, account information services should help clients find banks and institutions most suitable for their needs.


Account Information Services – AIS

Those are all the services and applications that, with the consent of the user, can aggregate their financial data to provide information about the earnings and spendings. All the apps helping to balance the budget fall into this category. Having said that, we must remember that controlling one’s spending is not the one and only possibility in this category. With the use of AI and big data, such apps can be of huge financial help.

Payment Initiation Services – PIS

Those services should be familiar to most people accustomed to online shopping. Those are all the third-party platforms that allow for fast and secure payment for goods without having to fill out all the fields necessary for on-line transfer. With PSD2 in place, such platforms gained the possibility to grow and expand beyond their domestic market.

Make payments safer and more secure

PSD2 introduces the necessity of using Strong Customer Authentication (SCA). This means that although it encourages data sharing, it does take care of the users’ privacy. No data can be shared without the user’s consent and each time any payment is initialized it requires authentication with the use of SCA. With few exceptions for clients’ comfort like micropayments.

Protect consumers

PSD2 introduces very strict rules regarding complaints processing. There are hard deadlines every institution has to adhere to. Also, liability for unauthorized transactions is largely shifted towards service providers. You can learn more about it in our article: What does PSD2 mean for you?


PSD2 is something that so-called ordinary people should be very happy about. It works hugely in favor of customers curbing financial institutions by enforcing very strict regulations. Complaints processing rules leave no doubt that customers are going to be better protected.

However, what might be even more interesting is the more subtle change. If information is power, then power is definitely granted to the clients now. Banks have to present their offers in a clear and consistent manner. And this being only the beginning with all the third-party apps that will help people manage their budget. It is predicted that we are on the verge of an era of very personal banking, largely driven by advancements in bank APIs.

There is also the other side of this story. New regulations welcome new players entering the market. This is the best time to introduce innovative financial services. TPPs that already exist have the possibility to expand internationally and there is plenty of room for new players.


The crisis of 2008 revealed the fact that the bank is not always the safest place. With the PSD2 European Commission decided to regulate the financial sector making sure that customers are well-protected. It also assumed that banks and established financial institutions should no longer monopolize the market. The regulations had been written in such a manner to match the ever-changing reality of the modern world and ensure maximum flexibility of the market. This change is not always welcomed by the big players, but the future looks very promising both for the general public and the FinTech industry.