You probably don’t run your own bank or have any interest in using the security mechanisms required in the new PSD2. But even if you don’t process payments yourself, there are good reasons for taking PSD2 into account: if you are selling a service or product, and either you or the buyer is in an EU country, PSD2 will impact your business.

One of the key benefits of the PSD2 is how it will enable end-users to initiate online payments directly from their bank account without using a credit card. This can reduce operational costs, but there is still one major challenge: what happens when there is fraud, and the payer requests a chargeback?

This question will be a challenge for merchants in the future as they face refunds, but question where to turn to for that money. Banks and payment service providers hate having to be a part of this process, making it extremely important for merchants to ensure that their transactions are valid.

Regarding refunds, the PSD2 also strengthens the rights of the consumer considerably. And remember, this applies if either payer or payee is in the EU:

“PSD2 provides a legislative basis for an unconditional refund right in case of a SEPA direct debit during an 8 week period from the date the funds are debited from the account. The right to a refund after the payee has initiated the payment still allows the payer to remain in control of his payment. In such cases, payers can request a refund even in the case of a disputed payment transaction.”

Provided either as a service or through the SDK, Okay makes it possible for you as a merchant to prove what happened during the sale, ultimately offering protection from these two common fraud cases:

1. When the user claims they didn’t order something and started a chargeback
2. Where an existing user was tricked into verifying an order, through malware or social engineering

The first case happens often, but Okay gives you the possibility to show that it wasn’t some bug or mistake on your end, and that the order was placed as you have documented it.

The second scenario is a bit more challenging, and perhaps frightening, when realising that someone has targeted your business and entered fraudulent orders. In this case, it is easy for the payer’s bank to claim that this is your liability and that the refund should come from your funds.

However, if you are using Okay, the way our platform verifies transactions will make it nearly impossible for the liability to fall on you if the target of automated attacks. Even if an attack is carried out, Okay will give you a heads-up so that you can delay the delivery of the service, avoiding fraud altogether.

Initially, the Okay solution was created for banks and payment processors. It does not protect against a stolen identity and payment details used for an order, but that is because it is the account service provider’s responsibility. It will, however, help protect you as a merchant against common types of fraud. And as the PSD2 continues to gain speed, securing transactions will become more important than ever before.