What is PSD2 and How Will it Impact Your Business

March 28, 2019, Brandon Ellis
PSD2 regulations. Traveler making online purchase with credit card on tablet.

The revamped Payment Service Directive (PSD2) is already in effect; however, Strong Customer Authentication (SCA) is part of the PSD2 regulations, and its deadline is looming.

What is PSD2?

The Payment Services Directive is an EU Directive administered by the European Commission.  Its purpose is to regulate payment services and payment service providers throughout the European Union (EU) and European Economic Area (EEA).  

On October 8, 2015, the European Parliament accepted the European Commission proposal to create safe and more innovative European payments (PSD2, Directive (EU) 2015/2366). These new rules focus on facilitating safer cross-border European payment services and better protecting consumers when they make online purchases.

On November 16, 2015, the Council of the European Union passed PSD2.  The regulation deadline would be imposed in two years, giving ample time to member states to incorporate the directive into their national laws.  

On January 13, 2018, the original PSD was repealed and replaced by PSD2, and since March 14, 2019, financial institutions providing an API solution must have it readily available for external testing.  

What is SCA?

Under PSD2, Strong Customer Authentication (SCA) is a new European requirement. Payment providers must use two separate authentication elements to verify an online transaction.  

There are three common factors of authentication and PSD2 defines the SCA as having to include two or more of the following:

Factors for Strong Customer Authentication, which includes something you know, something you have, and something you are.

The desired outcome of PSD2 is to make SCA a requirement for all online transactions; however, there will be some exemptions. For instance, transactions under 30 EUR will be exempt, but if a card processes more than 100 EUR within 24hrs, SCA will be required.

Any transaction that does not meet the new requirements of PSD2 could get declined beginning September 14, 2019.  

Presently, an authentication tool called 3D Secure 1.0 (Verified by Visa, Mastercard SecureCode) is used as a way to verify online transaction.

Here’s what that looks like:

A customer goes to pay for their booking online only to get redirected to a page asking for a pin number that isn’t their actual pin number, but one they’ve forgotten. At that point, they either choose to reset it, or cancel the booking.

As you can see, that’s a huge risk to your conversions. Thankfully, welcoming 3D Secure 2.0 means frictionless authentication.  

What does this mean for you and Checkfront?

To be compliant with PSD2, all payment gateways must adhere to the directive by the dates described above.  While Checkfront will upgrade to work with the new payment flows before September 2019 when SCA is enforced you should make sure that your payment gateway will be ready as well. Otherwise, you’ll risk missing out on bookings with credit card payment declines.

If you have any questions, please contact us at support@checkfront.com.

Want to keep in the loop on Checkfront updates?

Sign up for our monthly newsletter

And get the latest news for the tourism industry and travel technology

Subscribe now

Related Articles: Stay in the Know with Our Brand New In-App Messaging | Take the Arival Industry Survey for the Largest In-destination Study | Checkfront Named One of Canada’s Companies-to-Watch in Deloitte’s Technology Fast 50™ Awards | Introducing Flex — Our Zero Payments Plan | Where to Get Tourism News for Tours and Activities | Simplify Your In-Person Payments with Stripe Terminal |

Didn't find what you were looking for?

Use the form below to search our site