What is Payment Services Directive 3 (PSD3)?

PSD3, or Payment Services Directive 3, is the newest European regulation for payment services. It updates PSD2 and may have an impact on security, competition, and transparency in the financial sector.

It also provides payment and e-money institutions access to payment systems and affects fraud protection measures such as Strong Customer Authentication (SCA).

The main goals of PSD3 and the accompanying Payment Services Regulation (PSR) are to:

• Online payment security relates to the level of consumer fraud protection available.
• Address aspects related to consumer rights and protection.
• Address the differences between banks and non-bank payment providers.
• Optimize the performance of open banking.
• The implementation of more detailed requirements for Strong Customer Authentication (SCA) is under consideration.

PSD3 is a revision of PSD2, featuring adjustments concerning security, competition, and innovation.

Key differences include:

• Fraud prevention is related to the sharing of fraud-related data between payment service providers (PSPs).
• Consumer refund rights related to fraud victimization now encompass a broader scope.
• Simplified open banking integration correlates with greater customer control over data.
• New compliance requirements for businesses regarding data handling, authentication, and security.

PSD3 introduces changes in four main areas.

• Beveiliging: It impacts Strong Customer Authentication (SCA) rules, which relates to fraud reduction.
• Consumer Protection: It increases the liability of PSPs for unauthorized transactions.
• Open Banking: It adjusts requirements for Open Banking API access.
• PSP Supervision: It brings in new authorization requirements and changes to capital calculations for payment institutions.

PSD3 is anticipated to affect various entities operating within the financial sector.

• Banks and non-bank PSPs
• Consumers
• Marketplaces that facilitate payments

The exact implementation date for PSD3 is currently unavailable. The European Commission proposed the legislation in June 2023, and the process is still ongoing.

Businesses can get ready by taking these steps:

1. Conduct a compliance gap analysis to see where your current systems stand.
2. Budget for necessary technology upgrades.
3. Educate your teams and customers about the new security measures.
4. Stay informed about regulatory updates and work closely with your payment providers.

PSD3 is expected to significantly reshape the EU’s payments industry. It may influence innovation through the regulation of emerging Betaalmethoden such as blockchain and digitale portemonnees, potentially impacting the customer experience and fraudepreventie measures. 

It seeks to establish a more even environment between banks and non-bank PSPs, with possible effects on market competition and transparency.