With SCA or Strong Customer Authentication coming into effect on December 31st, 2020, the 2nd edition of the Payments Services Directive or PSD2 regulation is in full force across the European Economic Area. While as a fintech expert you definitely know what is PSD2, we are sure you have some questions regarding PSD2 implementation in your business.
Here at Covery, we hear questions about PSD2 compliance all the time. This article aims to have PSD2 explained in simple words to provide a starting point for designing the ways for your business to meet every PSD2 requirement and avoid non-compliance fees.
There is a steady rise in the popularity of online banking, e-Commerce and various fintech startups, where customers can perform online transactions using their banking card details. However, this also results in a steady increase in the volumes of Card-Not-Present fraud, where fraudsters use skimming to obtain credit card details and make online purchases, and then cardholders initiate chargebacks for the items they never ordered. According to the European Bank statistics, in 2019 CNP fraud amounted to 73% of all the credit card fraud cases in the EU.
Another example when the merchant bears losses is friendly fraud — when the dishonest customer receives the item and initiates a chargeback with their bank, stating the item was of subpar quality or did not arrive at all. Then the merchant has to enter a chargeback dispute with the customer’s bank, which is usually lost.
Enter PSD2
The updated PSD2 Payments Services Directive that came into effect in September 2019 aims to battle CNP and other types of fraud by introducing several updates:
- All transactions above 30 euros have to be approved by customers and verified through SCA (using 2FA or 2-factor authentication). Only recurring payments of the unchanging amount for subscription services or transactions to certain whitelisted merchants can be exempt from this rule.
- All banks should provide access to their customer data to third parties after the customers give their express consent. As a result, fintech startups can automate various types of transactions or make them on the customer’s behalf to improve customer experience.
While PSD2 surely aims to improve payments security, it is hard to implement for every e-Commerce shop or fintech product, as it requires building an API able to communicate with the banks and support 2FA.
Ensure PSD2 Compliance with Covery
Here is when Covery comes to your aid, as it has this API already built, integrates seamlessly with any CRM or payment gateway, and provides a wide range of anti-fraud features. This way, Covery protects your business by ensuring automation of KYC checks, reducing the volumes of CNP fraud by up to 80%, preventing friendly fraud, account takeover, and other types of fraud, providing customizable risk-logic scenarios, etc.
Should you have any more questions on the specifics of the PSD2 regulation or need assistance with PSD2 implementation for your product — the Covery team is ready to help!