Open Banking and PSD2 API Implementation – FAQ

Here you will find some answers to commonly asked questions about the PSD2 Directive and have PSD2 explained. 

PSD2 brings some revolutionary changes to the financial landscape in the European Union. Find out more about open API, Third Party Providers, and open banking. 

What does the term PSD2 stand for?

It’s an acronym for the Second Payment Services Directive, issued by the European Parliament. It is the successor of the Payment Services Directive (PSD) from 2011. 

What are the principles of PSD2?

The main principle of the directive is to create an open, transparent, and trustworthy market for banking services. It pays great attention to data security and consumer privacy issues. By providing the same guidelines to every country in the EU, the directive ensures that the highest standards are being kept in the financial sector in the Member States. 

Is compliance with PSD2 regulations mandatory? 

If you operate within the European Union, yes. It’s not only necessary to abide by the law, but also it will help your product grow in the European market. 

Can I read the text of the PSD2 Directive?

The contents of the directive are open to the public. They also have PSD2 dynamic linking explained. You can find them here: https://eur-lex.europa.eu/eli/dir/2015/2366/oj

What are the main changes the PSD2 brings to the world of online finance?

Although PSD2 influences many aspects of the finance world, here are the 3 major ones:

1. Obligatory Strong Authentication Procedure

 The Strong Authentication procedure used to be optional. Not anymore: the PSD2 Directive provides specific guidelines on how the identity of the payment service user should be verified by the payment service provider. It will be used every time:

• the user accesses their payment account online
• the user initiates an electronic payment transaction
• the user begins a payment process that may involve the risk of fraud

The payment service provider or TPP should use at least two of the following elements for identity verification:

• the user’s knowledge (e.g., password)
• the user’s possession (e.g., card, mobile)
• the user’s feature (e.g., fingerprint)

2. A new category of service providers

A new category of payment service providers will appear on the financial services market: TPP (Third Party Provider), which will be able to provide two types of services:

• AIS (Account Information Service)
• PIS (Payment Initiation Service)

PSD2 imposes an obligation on banks to allow AIS and PIS access (in the scope of the service provided by these providers) to their user accounts. The TPP can receive full information about the state of a consumer’s finances. 

A TPP can be either a traditional financial institution or a service provider of the digital economy era (e.g. Google).  

3. Handling of unauthorized transactions 

If the user finds out that an unauthorized transaction has taken place, the supplier bears full responsibility. They should take action not later than by the end of the next business day after receiving notification. The user gets a full refund. In turn, the user should report the unauthorized transaction to the service provider within 13 months of the date of the transaction. If the user fails to do so, they take on liability for unauthorized transactions up to the equivalent of €50. It’s worth noting that it used to be €150. The user will not be charged if: 

• the loss was caused by actions or inaction on the part of the payment service provider’s employee, agent or branch
• the user was not able to determine the loss, theft, or appropriation of a payment instrument before payment

Why is the PSD2 Directive important? PSD2 explained.

PSD2 is an important trigger for the financial industry to adapt to rapid technological changes. The Directive’s requirements affect payment services, e-money, payment transfers, etc. It will change how banks work and the services they offer. It will also bring new business opportunities. 

What does the PSD2 Directive mean for consumers?

PSD2 is going to bring more competition to traditional financial institutions since they no longer have a monopoly on transaction data. Because of this, consumers will enjoy a variety of new financial digital products and services in the upcoming years. 

What is PSD2 compliance?

It means that financial institutions have adapted to the new legislative framework imposed by the PSD2: open API, integration with third-party providers, and applying new security guidelines for payment transactions. 

Is PSD2 the same as open banking?

PSD2 makes way for open banking. PSD2 requires banks to open up their data to third party providers and open banking provides guidelines on how to do it. 

What is a Third Party Provider?

A third-party provider (TPP) is an entity defined by PSD2 as having access to banks’ data. Banks, financial software providers, retailers, telcos, fintechs, and big techs can become a TPP.

What are Payment Initiation Services?

A Payment Initiation Service Provider (PISP) lets consumers transfer their money directly from their bank account rather than using debit or credit cards. 

What is Information Service Providers?

Account Information Service Providers (AISP) can use consumers’ bank account data to provide various services. 

What does the term API stand for?

It’s an acronym for Application Programming Interface. It provides developers with access to a proprietary software application.

Where can I find the full list of specifications for the Polish API?

Just visit polishapi.org to receive any information necessary.

What is API payment?

API payment describes how the buyer’s interface and the seller’s interface can interact. It is used to provide banking services like payments, refunds, storing debit or credit card information, etc.

What are the benefits, especially for fintech startups?

PSD2 directly stimulates the growth of innovative banking services because banks are no longer the main force in the financial sector. By introducing the position of a TPP, the directive opens the door to the new era of digital financial products. As a result, customers will get access to brand new services. 

What kind of digital products can be developed thanks to PSD2?

The main trends in financial product development are:

• Authentication as a Service (AaaS)
• New payment providers
• Banking portals instead of traditional banks
• Financial product aggregators
• Managing bank account and payment history data
• Automating and managing payments
• New insurance policy models

Where can I get help with making sure my digital product is compliant with PSD2 and Polish Open API guidelines?

BinarApps is here to help you with any issues regarding the Open Banking regulations. Can PSD2 be explained in 3 minutes? You can contact us and find out.

Is BinarApps experienced with Open Banking and API Integration?

Yes! We successfully collaborate with TPPs. We were also a part of creating the Polish API standards in 2019.