The Payment Services Directive (PSD2, Directive (EU) 2015/2366) is an extensive revision of the European Union’s (EU) “Payment Services Directive” regulations. It defines the legal framework within which all payment service providers in the EU must operate. The objectives of PSD2 are to:
- standardize regulations and secure payment services across EU countries,
- ensure consumer access to transaction information,
- specify liability for fraudulent transactions, and
- diversify the payment services ecosystem by mandating, upon consumer consent, access to account data via API, and allowing Payment Institutions (EU-certified non-bank and non-governmental financial businesses) to sell services.
PSD2 mandates Strong Customer Authentication (SCA) achieved via multi-factor authentication and 3D Secure, an authentication protocol supported by major credit card brands.