Dig deeper into the ECB’s activities and discover key topics in simple words and through multimedia. a password or a PIN); (ii) possession (something only the user possesses, e.g. In particular, the PSD2 covers the following three types of services: 1. payment initiation services, which help consumers make online payments and inform the merchant immediately of the payment initiation, allowing for the immediate dispatch of goods or immediate acce… There are, however, exemptions from the requirement to have strong customer authentication. Payment users have an eight-week unconditional refund right for direct debits in euro. Account-servicing payment service providers cannot deny access to the accounts they hold unless the third-party payment service provider is unauthorised or if there is a suspicion of fraud. The surcharge ban applies where the consumer’s bank or card issuer and the payment service provider of the merchant are both located in the European Economic Area (EEA) and the consumer makes a payment either using a debit or credit card, or by direct debit or credit transfer. Browse the ECB’s reports, publications and research papers and filter them by date or activity. For example, this may be the case for low-value payments at the point of sale or for remote transactions, in line with certain conditions. The three documents were developed by the European Banking Authority in close cooperation with the ECB and payment service providers must comply with all of them. They make and/or receive payments. PSD2 Guidance: Regulation 71(8) Reporting Scenarios 23. The PSD2 clarifies liability issues between the bank holding the account and the payment initiation service provider. The PSD2 sets out strict security requirements for electronic payments and the protection of consumers’ financial data. The regulatory technical standards were published in the Official Journal of the European Union on 13 March 2018 and apply as of 14 September 2019. The main objectives of the PSD2 are (i) to contribute to a more integrated and efficient European payments market; (ii) to further level the playing field for payment service providers by including new players; (iii) to make payments safer and more secure; and (iv) to enhance protection for European consumers and businesses. The PSD2 is supplemented by regulatory technical standards on strong customer authentication and common and secure open standards of communication, as well as guidelines on incident reporting and guidelines on security measures for operational and security risks. Explicit consent is required from the payer for a transaction to be executed. The PSD2 opens up the EU payments market to third-party payment service providers offering services based on access to information from the payment account. Nevertheless, in the interest of their own security, all payment service providers are strongly encouraged to fulfil the requirements of the regulatory technical standards as soon as possible. The payment service user is not liable if it was not possible for him/her to be aware of a loss that resulted from theft or misappropriation of the payment instrument (e.g. In case of unauthorised payments,the customer will not pay more than €50 (vs €150 before), except in certain situations such as fraud or gro50s s€ negligence. Even when the surcharge ban does not apply, the amount of any surcharge imposed cannot exceed the cost incurred by the merchant in accepting the particular payment method. Customer authentication is a process whereby the identity of the user of a payment service is validated.