New EU law to change how you bank and shop online – are you ready?

August 29, 2019

What is PSD2?

The Second Payment Services Directive, or PSD2, is a new European law which comes into force on 14 September 2019. The aim of PSD2 is to make online banking and online shopping more secure.

Financial providers, for example banks, are required to introduce additional security steps to confirm your identity when you:

  • Access your payment accounts online, for example to check your bank balance or if a transaction has been made.
  • Update your personal information online, for example change your address.
  • Make payments online.

These additional security steps are called Strong Customer Authentication (SCA).

How is Strong Customer Authentication (SCA) applied?

When you’re banking or shopping online, you may be asked to verify your identity using at least two of the following independent methods (two factor authentication):

  1. Knowledge – something only you know e.g. a password or PIN.
  2. Possession – something only you have e.g. a card reader or mobile phone.
  3. Inherence – physical characteristic e.g. a fingerprint, voice recognition, or retinal ID.

There are a few exceptions where SCA doesn’t apply, for example contactless card payments up to €30. See our website for more information on transactions that are excluded from PSD2.

What is Open Banking?

As well as improving your online security, PSD2 will also introduce Open Banking. This means that you can now use Third Party Providers (TPPs) for payment initiation services, for example making payments directly from a bank account instead of using a debit or credit card when shopping online. In addition, you can also use TPPs for account information services to help you to manage your accounts. TPPs can only access your account with your consent.

Enjoy this news story? Sign up to our monthly newsletter for more on consumer rights, managing your money and product recalls.

Return to News

Haven’t found what you’re looking for?