Tap to Pay on iPhone
Accept contactless payments right on your iPhone with the Mollie app
Accept payments
Embedded payments
Grow your business
Technical resources
About Mollie
Tap to Pay on iPhone
Accept contactless payments right on your iPhone with the Mollie app
Accept payments
Embedded payments
Grow your business
Technical resources
About Mollie
Tap to Pay on iPhone
Accept contactless payments right on your iPhone with the Mollie app
Accept payments
Embedded payments
Grow your business
Technical resources
About Mollie
What is PSD2? The revised Payment Services Directive explained
What is PSD2? The revised Payment Services Directive explained
What is PSD2? The revised Payment Services Directive explained
What is PSD2? Learn everything you need to know about the revised Payment Services Directive and how it affects your business.
What is PSD2? Learn everything you need to know about the revised Payment Services Directive and how it affects your business.
Dec 2, 2022
What is PSD2?
PSD2 is an updated version of the original European Payment Services Directive (PSD).
The European Commission implemented the original PSD to create a single simplified market for payments in the European Union, improve efficiency, and promote innovation and competition in payments and payment services.
PSD2 is an updated version of the PSD. It further develops some of the core aims of the original directive, mainly in three areas. Those areas are:
Consumer rights: introducing more rules around complaints, surcharging, and currency conversion.
Enhanced security: through Strong Customer Authentication (SCA).
Better innovation: by allowing more efficient third-party access to bank account information.
PSD2 is an updated version of the original European Payment Services Directive (PSD).
The European Commission implemented the original PSD to create a single simplified market for payments in the European Union, improve efficiency, and promote innovation and competition in payments and payment services.
PSD2 is an updated version of the PSD. It further develops some of the core aims of the original directive, mainly in three areas. Those areas are:
Consumer rights: introducing more rules around complaints, surcharging, and currency conversion.
Enhanced security: through Strong Customer Authentication (SCA).
Better innovation: by allowing more efficient third-party access to bank account information.
PSD2 is an updated version of the original European Payment Services Directive (PSD).
The European Commission implemented the original PSD to create a single simplified market for payments in the European Union, improve efficiency, and promote innovation and competition in payments and payment services.
PSD2 is an updated version of the PSD. It further develops some of the core aims of the original directive, mainly in three areas. Those areas are:
Consumer rights: introducing more rules around complaints, surcharging, and currency conversion.
Enhanced security: through Strong Customer Authentication (SCA).
Better innovation: by allowing more efficient third-party access to bank account information.
PSD2 is an updated version of the original European Payment Services Directive (PSD).
The European Commission implemented the original PSD to create a single simplified market for payments in the European Union, improve efficiency, and promote innovation and competition in payments and payment services.
PSD2 is an updated version of the PSD. It further develops some of the core aims of the original directive, mainly in three areas. Those areas are:
Consumer rights: introducing more rules around complaints, surcharging, and currency conversion.
Enhanced security: through Strong Customer Authentication (SCA).
Better innovation: by allowing more efficient third-party access to bank account information.
When was PSD2 introduced?
To start, let’s go back to the early 2000s when payment services and companies weren’t strictly regulated. That changed with the introduction of the Lisbon strategy – a Europe-wide action and development plan – in 2000 and the Single Euro Payment Area (SEPA) launch later that decade. These helped create a more integrated payments infrastructure and vision in Europe.
Following these, in 2007 the original Payment Services Directive (PSD) was adopted. This brought in much more regulation and oversight for EU payments. One main change was the creation of new financial entities: electronic money institutions (EMIs) and payment institutions (PIs), which – when properly licensed – were granted the right to provide payment services to consumers.
In 2013, the European Commission proposed an amendment to PSD, which led to it becoming known as the revised Payment Services Directive.
PSD2 was meant to come into effect in September 2019, but this was pushed back to 31 December 2020. The delay was due to the challenges of implementing it across the EEA and other countries.
To start, let’s go back to the early 2000s when payment services and companies weren’t strictly regulated. That changed with the introduction of the Lisbon strategy – a Europe-wide action and development plan – in 2000 and the Single Euro Payment Area (SEPA) launch later that decade. These helped create a more integrated payments infrastructure and vision in Europe.
Following these, in 2007 the original Payment Services Directive (PSD) was adopted. This brought in much more regulation and oversight for EU payments. One main change was the creation of new financial entities: electronic money institutions (EMIs) and payment institutions (PIs), which – when properly licensed – were granted the right to provide payment services to consumers.
In 2013, the European Commission proposed an amendment to PSD, which led to it becoming known as the revised Payment Services Directive.
PSD2 was meant to come into effect in September 2019, but this was pushed back to 31 December 2020. The delay was due to the challenges of implementing it across the EEA and other countries.
To start, let’s go back to the early 2000s when payment services and companies weren’t strictly regulated. That changed with the introduction of the Lisbon strategy – a Europe-wide action and development plan – in 2000 and the Single Euro Payment Area (SEPA) launch later that decade. These helped create a more integrated payments infrastructure and vision in Europe.
Following these, in 2007 the original Payment Services Directive (PSD) was adopted. This brought in much more regulation and oversight for EU payments. One main change was the creation of new financial entities: electronic money institutions (EMIs) and payment institutions (PIs), which – when properly licensed – were granted the right to provide payment services to consumers.
In 2013, the European Commission proposed an amendment to PSD, which led to it becoming known as the revised Payment Services Directive.
PSD2 was meant to come into effect in September 2019, but this was pushed back to 31 December 2020. The delay was due to the challenges of implementing it across the EEA and other countries.
To start, let’s go back to the early 2000s when payment services and companies weren’t strictly regulated. That changed with the introduction of the Lisbon strategy – a Europe-wide action and development plan – in 2000 and the Single Euro Payment Area (SEPA) launch later that decade. These helped create a more integrated payments infrastructure and vision in Europe.
Following these, in 2007 the original Payment Services Directive (PSD) was adopted. This brought in much more regulation and oversight for EU payments. One main change was the creation of new financial entities: electronic money institutions (EMIs) and payment institutions (PIs), which – when properly licensed – were granted the right to provide payment services to consumers.
In 2013, the European Commission proposed an amendment to PSD, which led to it becoming known as the revised Payment Services Directive.
PSD2 was meant to come into effect in September 2019, but this was pushed back to 31 December 2020. The delay was due to the challenges of implementing it across the EEA and other countries.
What has PSD2 changed?
Third-party payment services
One of the most significant changes that PSD2 introduced is rules around third-party access to bank account information. It specifies that consumers have the right to use any third-party provider for their online banking services.
Under PSD2 directives, banks now have to provide open APIs that give other fintechs access to their customers’ accounts and payment information – as long as they have the customer’s consent.
This allows third-party providers to initiate payments from a consumer’s bank account, helping to accelerate innovation in the payments industry and (usually) creating a faster and easier payment experience for consumers.
Strong Customer Authentication
Another key aspect of PSD2 is its improved security measures, most notably the Strong Customer Authentication (SCA) requirements for online payments.
SCA improves security by requiring customers to complete extra verification steps when paying online, minimising the risk of fraud.
All businesses processing online payments within Europe must comply with PSD2 and implement SCA measures.
PSD2 and SCA apply when both the business’s payment service provider and the customer’s bank or card provider are located within these countries and regions:
The UK
The European Economic Area (EEA)
Monaco
When one of these operates outside of Europe, the payment provider is advised to use their ‘best efforts’ to adhere to SCA regulations.
Read our comprehensive SCA guide to learn more about it and what it means for your business.
3D Secure and 3D Secure 2
The most common way of authenticating an online card payment and adhering to SCA guidelines is using 3D Secure and 3D Secure 2, which most European cards support.
3D Secure (3DS) is an additional step during the online payment process where a consumer provides further information to complete their transaction. This could mean entering a one-time code sent to their device or logging into their online banking environment to confirm payment.
3D Secure 2 is a newer version of 3DS, which provides a better user experience that helps improve fraud prevention and minimises friction during checkout.
Using 3DS provides your business with an extra layer of fraud protection – ensuring that you only accept card payments from legitimate customers. Authenticating a payment with 3D Secure also means your customer’s bank (rather than your business) will be liable for fraud-related chargebacks.
Third-party payment services
One of the most significant changes that PSD2 introduced is rules around third-party access to bank account information. It specifies that consumers have the right to use any third-party provider for their online banking services.
Under PSD2 directives, banks now have to provide open APIs that give other fintechs access to their customers’ accounts and payment information – as long as they have the customer’s consent.
This allows third-party providers to initiate payments from a consumer’s bank account, helping to accelerate innovation in the payments industry and (usually) creating a faster and easier payment experience for consumers.
Strong Customer Authentication
Another key aspect of PSD2 is its improved security measures, most notably the Strong Customer Authentication (SCA) requirements for online payments.
SCA improves security by requiring customers to complete extra verification steps when paying online, minimising the risk of fraud.
All businesses processing online payments within Europe must comply with PSD2 and implement SCA measures.
PSD2 and SCA apply when both the business’s payment service provider and the customer’s bank or card provider are located within these countries and regions:
The UK
The European Economic Area (EEA)
Monaco
When one of these operates outside of Europe, the payment provider is advised to use their ‘best efforts’ to adhere to SCA regulations.
Read our comprehensive SCA guide to learn more about it and what it means for your business.
3D Secure and 3D Secure 2
The most common way of authenticating an online card payment and adhering to SCA guidelines is using 3D Secure and 3D Secure 2, which most European cards support.
3D Secure (3DS) is an additional step during the online payment process where a consumer provides further information to complete their transaction. This could mean entering a one-time code sent to their device or logging into their online banking environment to confirm payment.
3D Secure 2 is a newer version of 3DS, which provides a better user experience that helps improve fraud prevention and minimises friction during checkout.
Using 3DS provides your business with an extra layer of fraud protection – ensuring that you only accept card payments from legitimate customers. Authenticating a payment with 3D Secure also means your customer’s bank (rather than your business) will be liable for fraud-related chargebacks.
Third-party payment services
One of the most significant changes that PSD2 introduced is rules around third-party access to bank account information. It specifies that consumers have the right to use any third-party provider for their online banking services.
Under PSD2 directives, banks now have to provide open APIs that give other fintechs access to their customers’ accounts and payment information – as long as they have the customer’s consent.
This allows third-party providers to initiate payments from a consumer’s bank account, helping to accelerate innovation in the payments industry and (usually) creating a faster and easier payment experience for consumers.
Strong Customer Authentication
Another key aspect of PSD2 is its improved security measures, most notably the Strong Customer Authentication (SCA) requirements for online payments.
SCA improves security by requiring customers to complete extra verification steps when paying online, minimising the risk of fraud.
All businesses processing online payments within Europe must comply with PSD2 and implement SCA measures.
PSD2 and SCA apply when both the business’s payment service provider and the customer’s bank or card provider are located within these countries and regions:
The UK
The European Economic Area (EEA)
Monaco
When one of these operates outside of Europe, the payment provider is advised to use their ‘best efforts’ to adhere to SCA regulations.
Read our comprehensive SCA guide to learn more about it and what it means for your business.
3D Secure and 3D Secure 2
The most common way of authenticating an online card payment and adhering to SCA guidelines is using 3D Secure and 3D Secure 2, which most European cards support.
3D Secure (3DS) is an additional step during the online payment process where a consumer provides further information to complete their transaction. This could mean entering a one-time code sent to their device or logging into their online banking environment to confirm payment.
3D Secure 2 is a newer version of 3DS, which provides a better user experience that helps improve fraud prevention and minimises friction during checkout.
Using 3DS provides your business with an extra layer of fraud protection – ensuring that you only accept card payments from legitimate customers. Authenticating a payment with 3D Secure also means your customer’s bank (rather than your business) will be liable for fraud-related chargebacks.
Third-party payment services
One of the most significant changes that PSD2 introduced is rules around third-party access to bank account information. It specifies that consumers have the right to use any third-party provider for their online banking services.
Under PSD2 directives, banks now have to provide open APIs that give other fintechs access to their customers’ accounts and payment information – as long as they have the customer’s consent.
This allows third-party providers to initiate payments from a consumer’s bank account, helping to accelerate innovation in the payments industry and (usually) creating a faster and easier payment experience for consumers.
Strong Customer Authentication
Another key aspect of PSD2 is its improved security measures, most notably the Strong Customer Authentication (SCA) requirements for online payments.
SCA improves security by requiring customers to complete extra verification steps when paying online, minimising the risk of fraud.
All businesses processing online payments within Europe must comply with PSD2 and implement SCA measures.
PSD2 and SCA apply when both the business’s payment service provider and the customer’s bank or card provider are located within these countries and regions:
The UK
The European Economic Area (EEA)
Monaco
When one of these operates outside of Europe, the payment provider is advised to use their ‘best efforts’ to adhere to SCA regulations.
Read our comprehensive SCA guide to learn more about it and what it means for your business.
3D Secure and 3D Secure 2
The most common way of authenticating an online card payment and adhering to SCA guidelines is using 3D Secure and 3D Secure 2, which most European cards support.
3D Secure (3DS) is an additional step during the online payment process where a consumer provides further information to complete their transaction. This could mean entering a one-time code sent to their device or logging into their online banking environment to confirm payment.
3D Secure 2 is a newer version of 3DS, which provides a better user experience that helps improve fraud prevention and minimises friction during checkout.
Using 3DS provides your business with an extra layer of fraud protection – ensuring that you only accept card payments from legitimate customers. Authenticating a payment with 3D Secure also means your customer’s bank (rather than your business) will be liable for fraud-related chargebacks.
Does PSD2 apply to your business?
If your business accepts payments in certain European countries, you must comply with PSD2 regulations.
PSD2 countries include:
All of the European Economic Area (EEA)
Monaco
The UK
If your business accepts payments in certain European countries, you must comply with PSD2 regulations.
PSD2 countries include:
All of the European Economic Area (EEA)
Monaco
The UK
If your business accepts payments in certain European countries, you must comply with PSD2 regulations.
PSD2 countries include:
All of the European Economic Area (EEA)
Monaco
The UK
If your business accepts payments in certain European countries, you must comply with PSD2 regulations.
PSD2 countries include:
All of the European Economic Area (EEA)
Monaco
The UK
PSD2 compliance requirements
PSD2 applies mainly to banks, meaning that issuing banks – or the bank acting on behalf of a consumer in an online transaction – have to refuse non-compliant transactions to adhere to PSD2 directives.
To reduce the risk of issuing banks refusing your business’s transactions, you must comply with SCA regulations.
SCA applies to customer-initiated online and contactless offline payments, which means that most card payments and bank transfers require SCA to be PSD2 compliant.
Recurring direct debits in which a consumer periodically pays a fixed amount are generally considered merchant-initiated payments and aren’t subject to SCA.
PSD2 applies mainly to banks, meaning that issuing banks – or the bank acting on behalf of a consumer in an online transaction – have to refuse non-compliant transactions to adhere to PSD2 directives.
To reduce the risk of issuing banks refusing your business’s transactions, you must comply with SCA regulations.
SCA applies to customer-initiated online and contactless offline payments, which means that most card payments and bank transfers require SCA to be PSD2 compliant.
Recurring direct debits in which a consumer periodically pays a fixed amount are generally considered merchant-initiated payments and aren’t subject to SCA.
PSD2 applies mainly to banks, meaning that issuing banks – or the bank acting on behalf of a consumer in an online transaction – have to refuse non-compliant transactions to adhere to PSD2 directives.
To reduce the risk of issuing banks refusing your business’s transactions, you must comply with SCA regulations.
SCA applies to customer-initiated online and contactless offline payments, which means that most card payments and bank transfers require SCA to be PSD2 compliant.
Recurring direct debits in which a consumer periodically pays a fixed amount are generally considered merchant-initiated payments and aren’t subject to SCA.
PSD2 applies mainly to banks, meaning that issuing banks – or the bank acting on behalf of a consumer in an online transaction – have to refuse non-compliant transactions to adhere to PSD2 directives.
To reduce the risk of issuing banks refusing your business’s transactions, you must comply with SCA regulations.
SCA applies to customer-initiated online and contactless offline payments, which means that most card payments and bank transfers require SCA to be PSD2 compliant.
Recurring direct debits in which a consumer periodically pays a fixed amount are generally considered merchant-initiated payments and aren’t subject to SCA.
How to comply with PSD2
Many businesses work with a payment service provider to help them comply with PSD2 requirements and offer SCA, such as 3DS2.
A PSP should always help your business comply with all the applicable regulations. They should help you adhere to PSD2 and offer other security services like PCI-compliant card processing systems, hosted checkout pages, and secure data storage.
Here at Mollie, we offer an effortless payments solution that helps you accept multiple payment methods and offer customers a frictionless checkout experience that drives conversions. Our product comes with advanced security features to protect you and your customers. These features include:
Dynamic 3D secure payments
PCI-DSS level 1 certified
Fraud monitoring
Many businesses work with a payment service provider to help them comply with PSD2 requirements and offer SCA, such as 3DS2.
A PSP should always help your business comply with all the applicable regulations. They should help you adhere to PSD2 and offer other security services like PCI-compliant card processing systems, hosted checkout pages, and secure data storage.
Here at Mollie, we offer an effortless payments solution that helps you accept multiple payment methods and offer customers a frictionless checkout experience that drives conversions. Our product comes with advanced security features to protect you and your customers. These features include:
Dynamic 3D secure payments
PCI-DSS level 1 certified
Fraud monitoring
Many businesses work with a payment service provider to help them comply with PSD2 requirements and offer SCA, such as 3DS2.
A PSP should always help your business comply with all the applicable regulations. They should help you adhere to PSD2 and offer other security services like PCI-compliant card processing systems, hosted checkout pages, and secure data storage.
Here at Mollie, we offer an effortless payments solution that helps you accept multiple payment methods and offer customers a frictionless checkout experience that drives conversions. Our product comes with advanced security features to protect you and your customers. These features include:
Dynamic 3D secure payments
PCI-DSS level 1 certified
Fraud monitoring
Many businesses work with a payment service provider to help them comply with PSD2 requirements and offer SCA, such as 3DS2.
A PSP should always help your business comply with all the applicable regulations. They should help you adhere to PSD2 and offer other security services like PCI-compliant card processing systems, hosted checkout pages, and secure data storage.
Here at Mollie, we offer an effortless payments solution that helps you accept multiple payment methods and offer customers a frictionless checkout experience that drives conversions. Our product comes with advanced security features to protect you and your customers. These features include:
Dynamic 3D secure payments
PCI-DSS level 1 certified
Fraud monitoring
More updates
What is friendly fraud?
Friendly fraud can cause financial loss, admin headaches, and reputational risk. Explore different types of friendly fraud and how to prevent chargebacks.
How to prevent carding attacks
Learn how to prevent carding attacks. Discover key prevention strategies and how fraud prevention solutions can safeguard your business.
Are consumers taking back control of their data?
Happy Horizon and Mollie are putting their heads together with 23 experts about personal data.
Ecommerce fraud management strategies
Discover ecommerce fraud management strategies and how to protect your business from fraudsters.
What is friendly fraud?
Friendly fraud can cause financial loss, admin headaches, and reputational risk. Explore different types of friendly fraud and how to prevent chargebacks.
How to prevent carding attacks
Learn how to prevent carding attacks. Discover key prevention strategies and how fraud prevention solutions can safeguard your business.
Are consumers taking back control of their data?
Happy Horizon and Mollie are putting their heads together with 23 experts about personal data.
Ecommerce fraud management strategies
Discover ecommerce fraud management strategies and how to protect your business from fraudsters.
Stay up to date
Never miss an update. Receive product updates, news and customer stories right into your inbox.
Stay up to date
Never miss an update. Receive product updates, news and customer stories right into your inbox.
Connect every payment. Upgrade every part of your business.
Never miss an update. Receive product updates, news and customer stories right into your inbox.
Stay up to date
Never miss an update. Receive product updates, news and customer stories right into your inbox.
Table of contents
Table of contents
Table of contents
Table of contents
Simplify payments and money management
Drive revenue, reduce costs, and manage funds with Mollie.
Simplify payments and money management
Whether you want to grow internationally or focus on a specific market, everything is possible. Mollie supports all known payment methods, so you can grow your business regardless of location.
Simplify payments and money management
Drive revenue, reduce costs, and manage funds with Mollie.