All Financial Institutions Must Be PSD2 Compliant

All Financial Institutions Must Be PSD2 Compliant Before September 14, 2019

The Revised Payment Services Directive (PSD2) is a stricter requirement for financial institutions under the eIDAS Regulation.

---

Updated 5/9 2019: The Danish Financial Supervisory Authority (Finanstilsynet) has decided to postpone the hard deadline for Danish compliance with PSD2 until March 14, 2021. This extension of the implementation period only applies to online card payments.

PSD2 explained

In short, the Revised Payment Services Directive (PSD2) is a stricter requirement for European financial institutions.

The purpose of PSD2 is to increase transparency and the free choice for suppliers of financial products between European countries and to secure the consumer through Strong Customer Authentication (SCA).

This video gives a pretty good overview of the PSD2 directive and its contents.

“The Revised Payment Services Directive (PSD2) is a stricter requirement for financial institutions under the eIDAS Regulation.”

Qualified Certificates are now required

One of the essential parts of PSD2 is the requirement for Qualified Certificates:

As one of very few European organizations, TRUSTZONE provides Qualified Certificates to both Third Party Providers (TPP) and Payment Service Providers (PSP).

QWAC and QSEAL

There are two different types of certificates:

• Qualified Website Authentication Certificate (QWAC)
• Qualified Certificate for Seals (QSEAL)

In our experience, most financial institutions need both types of certificates to become 100% PSD2 compliant.

What to do next

Our recommendation is that you review your upcoming certificate needs as soon as possible.

We hope that the extension of the current implementation period result in complacency:

On the contrary, we strongly encourage companies, organizations, and financial institutions who aren’t yet compliant to contact us. We’ll be happy to help you clarify which certificates you need.