DSP2, you have surely heard about it in recent months. Entered into practice on September 14, 2019, the new version of the European Directive on Payment Services (PSD2) is at the heart of banking and commercial news. However, it does not date from yesterday. Adopted in November 2015, its “big sister” (or DSP1) dates from 2007.
What does the DSP consist of?
This measure aims to strengthen the protection of consumers when they shop in the Member States. The dematerialization of transactions is indeed accompanied by an increase in fraud, which it is essential to counter.
The PSD2 emphasizes "strong authentication" with the program, changes that will be required at European level:
In these two cases, the customer will therefore have to pay in a "classic" way by inserting his card into the terminal and entering his secret code. These new measures will impact professionals in the sector, in particular banks and payment organizations, which will have to update their payment services and will have to develop new APIs (Application Programming Interface). Merchants will also be obliged to integrate security measures when shopping online, even if these measures were not mandatory before DSP2, most merchants have started this transition with the introduction of 3D-Secure in particular.
Although adopted in November 2015, PSD2 was put into effect in January 2018 with the publication of technical standards in March 2018. There followed an 18-month transition period which allowed payment organizations and merchants to implement these regulatory technical standards (RTS) relating to strong authentication. September 14, 2019 therefore marks the gradual application by all these actors of these security standards (RTS) on strong authentication. However, its full implementation will take longer than expected, as most banks have fairly old IT systems that are not very compatible with PSD2. At present, 75% of the APIs of European banks are available but only 18% are usable. Italy and the Netherlands are in the lead with 33% of operational APIs against 10% in France, and 0% in Germany… This is why professionals have extra time to integrate these new measures. Strong authentication should be extended around the end of 2020 in Europe.
E-Pay Space Team,