What does PSD2 mean for US businesses?

PSD2 has the potential to revolutionize the payments industry. Although the PSD2 regulation is enforced by the European Union, companies based in North America need to pay attention too, as it will start to have an impact on U.S. businesses in the near future. Find everything out you need to know about the European Union Payment Services Directive and how it is likely to impact your business.

What is the Payment Services Directive 2?

PSD2 stands for Payment Services Directive 2. It’s an EU directive designed to produce safer and more innovative payments services. PSD2 has three main benefits: increased customer rights, enhanced security through Secure Customer Authentication (SCA), and the enablement of third-party access to your account information.

• Customer rights – The PSD2 regulation improves customer rights in several different ways. Firstly, it mandates greater transparency around terms and conditions and currency conversion. Secondly, it requires payment providers to resolve complaints in a timely manner and stipulates exactly how incidents should be reported. Thirdly, it requires card issuers to make funds available to customers as soon as they know the final amount. Finally, it prohibits surcharges on certain transactions.

• Security – PSD2 banking will also have a significant effect on the way that merchants accept payments, with the aim of cracking down on fraudulent payments. Essentially, it introduces a two-factor ID requirement for some transactions, meaning that customers will need to provide two forms of identification.

• Third-party access – Another key benefit of PSD2 is the fact that it reduces the banking industry’s monopoly on their user data. It allows merchants like Amazon to retrieve your data from your bank (with your permission) which means that whenever you buy something, the merchant can essentially make the payment for you.

How will PSD2 affect U.S. businesses?

Although the Payment Services Directive 2 is only being enforced in the European Economic Area (EEA), it will have an effect on U.S. businesses. Essentially, the Strong Customer Authentication (SCA) mandate applies to all merchants doing business in the EEA. So, if your business meets the following criteria, you may need to implement SCA-compliant transactions:

U.S. entity only but receive EU customers and traffic

If your business receives a significant amount of traffic from Europe, setting up an EU entity could be a good idea.

U.S. business expanding into the EU

Businesses expanding into Europe will need to comply with PSD2 and SCA, so making the transition as soon as possible will be beneficial.

U.S. headquarters but entities in the EU

Any U.S. businesses with entities in the EU will need to ensure that their European entities are PSD2-compliant and SCA-ready. Otherwise, you run the risk of declining authorization rates and even declined payments.

In addition, some security experts are predicting that the EU’s crackdown on fraud could increase the number of payment scams in the U.S., which could leave U.S. businesses vulnerable.

What can I do to prepare?

After working out whether your business is likely to be affected by the European Union Payment Services Directive, ensuring SCA compliance should be your number one priority. There are many different payment systems that you can take advantage of to ensure that you’re compliant with SCA. Here at GoCardless, our product offering is fully PSD2-compliant.

We can help

GoCardless helps you automate payment collection, cutting down on the amount of admin your team needs to deal with when chasing invoices. Find out how GoCardless can help you with ad hoc payments or recurring payments.