Payment Service Directive 2 (PSD 2) has been delayed by an additional 18 months because of industry push backs. So what's actually happening? What does PSD 2 do? Why is it different from PSD 1? And how can you implement it into your website seamlessly?
A land before time
Going back 10 years, the first PSD was given life by the European Commission and spread across the web. PSD 1 was designed to increase consumer security during online payments and to provide a more harmonious transaction. For a while, PSD 1 was good enough to fulfil its initial purpose. But with an increase in cross-device optimisation, changing customer preferences and more mobile payments happening every day, PSD 1 failed to evolve with the times.
And so PSD 2 was created in 2015.
Originally, the European Commission set a deadline for the 14th September 2019, but after huge industry push backs, businesses were given an additional 18 months to implement PSD 2. As long as they showed evidence of PSD 2 development during this additional period.
Spot the difference
Unlike the original version, PSD 2 focuses on a high level of customer authentication, through a 3 step phase used during purchases.
1) Something the customer knows (pin/password)
2) Something they have (card or phone number)
3) Something they are (fingerprint/face recognition)
Thinking about this in more depth and we begin to review all of the different difficulties that come with a 3 step authentication process.
At a baseline, there are some exceptions to the PSD 2 process. Transport fees and parking payments are both exempt, along with contactless payments of up to €50 with a cumulative limit of €150. Or payments of €30, up to five consecutive transactions.
PSD 2 has been designed to offer a more seamless omnichannel optimisation process across mobile, PC and TV, through a frictionless connection between businesses, customers and financial services.
Basically, PSD 2 has more data, covers more devices and is more secure.
How does it affect me?
As good as PSD 2 promises to be, it has been greeted with strong negativity. Businesses are concerned that the 3 step process will slow down or even deter users from buying online, while the actual integration of PSD 2 has proven to be more challenging than initially anticipated.
Don't worry though it's not all doom and gloom. Visa recently released a report stating that PSD 2 can decrease cart abandonment by 70% and a transaction time reduction of 85% was also experienced. - Visa reports
But whether you're for or against PSD 2, there's no stopping it's second coming as businesses are legally bound to the requirements of the European Commission.
Creating something new
Along with the PSD update, 3DS 2.0 has also been released. You might not be aware of what 3DS 2.0 is but it's likely you have already used it. 3DS 2.0 uses biometric methods to identify a user, this can be through fingerprints or facial recognition. After being implemented early this year, 3DS 2.0 created a more free-flowing transactional process on mobile and businesses began to experience the benefits.
PSD 2 plans to follow in the same path.
But with all its benefits also comes its difficulties. Businesses now need to show their PSD 2.0 development or risk being fined.
So, you have implemented PSD 2 and are set to launch the updated payment process. But what if it goes wrong? You risk exposing thousands of people's sensitive information and could face minimum fines of £20m or 4% of your annual global turnover, whichever is more expensive.
What you need to do now is test. Test the security of your site and payment system using large scale script testing.
If you already test your website, then you might know about script testing and the amount of time and resources it requires. But these drawbacks only exist if you use a lower quality testing partner. Digivante, on the other hand, can conduct large scale script testing explorations quickly and qualitatively, through the use of our in-house and global community of expert testers. Talk to us now about PSD 2 for expert PSD 2 help.