Third-party providers come under PSD2 scrutiny
Euromoney, is part of the Delinian Group, Delinian Limited, 4 Bouverie Street, London, EC4Y 8AX, Registered in England & Wales, Company number 00954730
Copyright © Delinian Limited and its affiliated companies 2024
Accessibility | Terms of Use | Privacy Policy | Modern Slavery Statement

Third-party providers come under PSD2 scrutiny

Payment providers looking to capitalize on open banking will have to jump through regulatory hoops to prove they are able to offer the services they claim, under the final set of rules from PSD2.

Open banking is a simple-sounding concept – the rules around it, however, are anything but.

Under the European Union’s second payment services directive (PSD2), strong customer authentication (SCA) aims to ensure that the third parties that banks deal with are who they claim they are. 


Mark Hewlett, Ebury

To meet this need, adequate proof needs to be provided. This proof comes in the form of two or more elements defined as knowledge (something only the user will know), possession (something only the user possesses) or inherence (something that the user is). 

Before a transaction can be made, the regulator wants to ensure that third-party payment service providers (TPPs) involved can process the transactions as they are claiming, and that neither the sender nor recipient is falling victim to fraud.

This step came as part of the final list of regulatory technical standards published by the European Banking Authority in February to comply fully with PSD2. The new rules firmly mandated the use of digital certificates as proof of identity.

This change is a step towards the TPPs coming under regulatory scrutiny – something which, much to the chagrin of many banks, they have largely avoided so far.

Gift this article