The Revised Payment Services Directive (PSD2), which was adopted in 2015 and applies as of September 2019, is meant to harmonize regulations in the payment market. It replaces the PSD1 created in 2007 and integrates new players and technologies.
In addition to its harmonization objective, the directive aims above all to strengthen data and payment security for consumers and businesses in the rise in cybercrime, and to foster innovation and competition in the market.
The main measures of this directive are as follows:
- Additional charges for debit and credit card payments, both in shops and online, are banned
- Refund right for direct debits in euro is unconditional (except in cases of fraud and gross negligence) and consumers’ liability for unauthorised payments is reduced
- The maximum amount a consumer can be obliged to pay in case of an unauthorized payment transaction will be decreased from EUR 150 (DSP1) to EUR 50
- Payment initiation service providers (PISPs) and account information service providers (AISPs) are granted access to their users’ banking information by consent through a secure communication channel
- Strong authentication is mandatory for payments over EUR 30