PSD2: EU mandatory strong authentication by the end of 2020: be prepared! – PrestaShop Blog


Initially scheduled for the 14th of September 2019, then postponed to March 2020, the PSD2 is making a strong comeback. Everyone involved in the payment industry has been working hard to implement this new directive and in particular the development of the 3D Secure version of the authentication protocol. This procedure must be operational on all e-commerce websites before January 1st 2021. A deadline for all the countries of the European Economic Area.

PSD2: going beyond the acronym, what are we talking about? And above all, what are the impacts for you, e-merchants?

What is PSD2?

In plain terms: the Payment Services Directive 2. The objective of this European directive is to “foster innovation, competition and market efficiency” and more specifically to “modernize payment services in Europe for the benefit of both consumers and businesses” according to the EU Commission. The PSD2 aims to guarantee fair and open access to payment markets and to strengthen consumer protection.

In practical terms, it supports efforts to open up banks’ information systems to new operators (open banking) and, what’s more, it strengthens online payment security to combat fraud and cyber-crime (identity theft).

The PSD2 applies to all online payment services, regardless of whether they are card payments or not – within the Single Euro Payments Area (SEPA) – provided by a bank, a fintech or an e-merchant. It now requires a <b>strong authentication</b> system to be set up.

What is strong authentication?

Authentication is a procedure that is required to enable online payments or so-called sensitive operations (payments, transfers, etc.) to be approved. The stronger the authentication, the greater the security.

The PSD2 now imposes an SCA (Strong Customer Authentication) process, i.e. customer identification involving at least two independent elements, such as:

  • An element known only to the consumer (e.g. a password);
  • An object owned by the consumer (mobile phone, bank card, etc.);
  • An element that identifies the consumer (such as a fingerprint, voice or facial recognition), enabling secure authorisation.

This new version of the 3-D Secure protocol must be implemented by the consumer’s bank and is not the responsibility of the e-merchant.

What are my obligations as a retailer?

While the protocol depends on the payment providers and more particularly the banks, as an online retailer it is up to you to:

  • check the contractual conditions of your VAD contract;
  • ensure that your payment module is adapted to the new guidelines and has been thoroughly tested;
  • if necessary, carry out IT adaptations to provide the information required by these new infrastructures.

And watch out for the timing! These steps must be carried out before the end of 2020. In view of the high level of business activity at the end of the year with private sales, Black Friday and the Christmas holidays, we strongly recommend that you make the necessary changes during the autumn, during October at the latest.

Is there a turnkey solution compliant with PSD2?

Many service providers have already made the necessary changes and updated their modules. Discover our selection on the Addons Marketplace.

You can also opt for PrestaShop Checkout, a solution that PrestaShop has been offering for more than a year now in partnership with PayPal. A single module to manage all types of payments (credit cards, local solutions, etc.), easily and securely, from your own interface. This module can be set up in a few minutes and allows you to make 100% secure transactions that comply with European standards & 3D Secure 2.

The e-commerce financial dictionary:

Open Banking

This refers to opening up the banking system under the Payment Services Directive, PSD2, which has been mandatory since 2018. The term refers to greater financial transparency by banks in relation to business transactions, with the prior consent of customers. This has enabled applications and services to be developed around financial institutions in order to manage one’s finances, combine several bank accounts in a single interface or manage money transfers, among other things.


The term describes innovative, fairly new companies using digital technology, mobile technology, artificial intelligence, etc., to provide financial services more efficiently and at a lower cost.

PSD 2 

This is the 2nd Payment Services Directive (succeeding the first version introduced in 2007). The PSD2 is designed to standardise payment regulations within the European Union (EU) while also taking technological developments into account.

The main measures concern the prohibition of overcharging for payments by debit or credit cards, the opening of the payments market to service companies (open banking), the introduction of strict security requirements for electronic payments and the protection of consumers’ financial data.

VAD Contract 

This is the contract between a merchant and his bank to be able to use a virtual electronic payment terminal (virtual Eftpos terminal), i.e. a payment gateway for processing online transactions, checking the validity of the means of payment, etc. The contract is concluded between the merchant and his bank. This contract is a mandatory step in order to offer payment by bank card on a merchant’s website.
