Why Should You Care? PSD2 Explained
First published: 15/08/2019
updated: 22/10/2022
Erik Vasaasen
Ever since the European Commission proposed the revised PSD2 in 2013, there has been widespread disruption in the European payment market. New payment processors are popping up almost daily, and the big banks are moving fast to secure their positions. Will PSD2 be good? Why should you care? Here are some thoughts before the directive hits in September 2019.
PSD2: Why You Should Care
You probably don’t run your own bank or have any interest in using the security mechanisms required in the new PSD2. But even if you don’t process payments yourself, there are good reasons for taking PSD2 into account: if you are selling a service or product, and either you or the buyer is in an EU country, PSD2 will impact your business.
One of the key benefits of the PSD2 is how it will enable end-users to initiate online payments directly from their bank account without using a credit card. This can reduce operational costs, but there is still one major challenge: what happens when there is fraud, and the payer requests a chargeback?
PSD2: Why It’s a Good Thing
This question will be a challenge for merchants in the future as they face refunds, but question where to turn to for that money. Banks and payment service providers hate having to be a part of this process, making it extremely important for merchants to ensure that their transactions are valid.
Regarding refunds, the PSD2 also strengthens the rights of the consumer considerably. And remember, this applies if either payer or payee is in the EU:
“PSD2 provides a legislative basis for an unconditional refund right in case of a SEPA direct debit during an 8 week period from the date the funds are debited from the account. The right to a refund after the payee has initiated the payment still allows the payer to remain in control of his payment. In such cases, payers can request a refund even in the case of a disputed payment transaction.”
PSD2 & Okay
Provided either as a service or through the SDK, Okay makes it possible for you as a merchant to prove what happened during the sale, ultimately offering protection from these two common fraud cases:
- When the user claims they didn’t order something and started a chargeback
- Where an existing user was tricked into verifying an order, through malware or social engineering
The first case happens often, but Okay gives you the possibility to show that it wasn’t some bug or mistake on your end, and that the order was placed as you have documented it.
The second scenario is a bit more challenging, and perhaps frightening, when realising that someone has targeted your business and entered fraudulent orders. In this case, it is easy for the payer’s bank to claim that this is your liability and that the refund should come from your funds.
However, if you are using Okay, the way our platform verifies transactions will make it nearly impossible for the liability to fall on you if the target of automated attacks. Even if an attack is carried out, Okay will give you a heads-up so that you can delay the delivery of the service, avoiding fraud altogether.
Initially, the Okay solution was created for banks and payment processors. It does not protect against a stolen identity and payment details used for an order, but that is because it is the account service provider’s responsibility. It will, however, help protect you as a merchant against common types of fraud. And as the PSD2 continues to gain speed, securing transactions will become more important than ever before.