At this point, many businesspeople, and some individuals, too, have already heard of the revised EU directive on payments: known as PSD2. For businesses that want to take advantage of digitalisation processes and use them to provide better service for their clients, it is an opportunity to do so. For companies, like Unnax, who have been providing financial services (based on technology) and will now have a regulatory framework (destined to boost competition and level the playing field), it also opens up new doors. But those who benefit the most, we can see, are the consumers: anyone who shops on e-commerce sites, for example. For this to be the case, the security of their details (which they can choose to make available to third parties for things like starting a payment process) and their money must be guaranteed. This is why a significant part of the new directive focuses on security.
PSD2, greater protection for consumers and companies
As we mentioned, some of the activities that will be regulated under the PSD2 were already being done (for example, having all our accounts grouped in one app on our smartphone or making purchases online without having to go through our bank or credit card company).
As they will now be regulated and promoted, it is to be expected that all stakeholders (FinTech companies, individuals and business clients, and even traditional banks) can use this model more securely, and that the new financial services on offer will greatly increase.
Faced with this paradigm shift, regulated by the European Union, security must be reinforced in both directions: so consumers don’t put their privacy or finances at risk, and so companies that take advantage of new options (integrating payment methods, offering financial services through an API, etc.) aren’t exposed to fraud. For all of these reasons, PSD2 contains a series of security measures. And, likewise, the companies that provide technology for financial services must give our clients the tools for effective, secure decision-making.
Stronger authentication thanks to PSD2
It is in this bidirectional risk minimisation (with consumers secure in the knowledge that no one can get into their accounts by pretending to be them and with companies knowing that they aren’t going to grant credit to someone who isn’t who they say they are) that PSD2 is going to implement stronger authentication or SCA (Strong Customer Authentication). It won’t happen immediately in all countries, but it will be rolled out everywhere within months.
What is it? Before accessing a financial service, clients will have to identify themselves with at least two out of the three forms of authentication allowed. One of them will have to be something the user knows, a password or PIN, for example. The second is something they possess, like a smartphone or a bank card. And the third option is something that is part of them, such as a fingerprint or other biometric coordinate.
Getting to know your clients with PSD2
For companies using APIs to improve the services they offer clients and consumers, the rules of the game that PSD2 puts on the table also minimise the risk of fraud. And this issue is key, as fraud is estimated to total up to 3% of a company’s revenue. Plus, all you have to do is watch the news or glance at posts on social media to know that digital identity theft is rampant, and it isn’t always easy to prosecute.
With the new measures, and the APIs built around them, businesspeople get real-time information on their clients’ financial status, so they can make decisions in real time, too. At Unnax we’re prepared for this new era full of possibilities, and we can make sure your business is, too.