PSD2 regulation: How will it affect E-Commerce?

Index [Hide] [Show]

How will the European PSD2 regulation affect online businesses? 

Nothing will be as before in the world of online payments. The arrival of the new PSD2 regulations will convert e-commerce into agile and secure environment.

Both buyers and owners of online stores will have to adapt to the new rules of the game. The change will be easier for users and a little more "traumatic" for some businesses. What is the PSD2 EU Directive and how will it affect transactions? Discover how will change the process of selling and online purchasing in the near future.

What is the PSD2 regulation?

The acronym PSD stands for "Payment Service Directive", a European directive initially approved in 2007 that gave way in 2015 to what we know today as PSD2. This regulation has revolutionized the payment media sector by changing the rules of the game. 

PSD2 establishes how the connection between banks and online stores should operate and sets a series of rules to avoid fraud in transactions taking a step forward for the inclusion of new companies and forms of payment in e-commerce. The PSD2 is a breath of fresh air for online shoppers, and also for most online stores.

So far, online transactions were not safe? 

Online purchases were, are and will be supported by international regulations, but times have changed and the European Union has been forced to launch a regulation that can be adapted to the various platforms ( mobile phone, tablet, computer ...) and to the new payment methods that are emerging. Security and flexibility in future payment options are the keys to PSD2.

When will the PSD2 regulation take effect?

The fixed date for a regulation to take effect is on September 14, 2019. But the large financial companies have not known, wanted or been able to establish the necessary changes to comply with the regulations, so they requested an extension for compliance from the European Union . The European banking authority set a new maximum deadline for compliance: September 14, 2020, although it left the decision to accelerate the process to national banks. Thus, in Sweden the new regulations are fully integrated throughout the country. The Bank of Spain is not in favor of shortening the deadlines, so, a priori, it will maintain the new date established by Europe.

Will the PSD2 affect buying and selling?

To understand the effect that the new regulations will have on online purchases, it is necessary to differentiate the channel in which the transactions will occurs:

Payments by phone or email

Payment by phone will not be affected by PSD2, the new rule neither affects those made by email. These types of purchases are exempt from complying with the double verification of European regulations. Therefore, the same system currently used as the MOTO payment method is maintained.

Subscriptions and periodic payments

These kinds of payments are the order of the day. What will happen with subscriptions to digital platforms like Netflix, Amazon or HBO?

The PSD2 will be applicable at first, when the service is contracted, but will not be applied thereafter. The renewal of the subscription will not have to pass the double verification process.

Small transactions

The issuer of the card on a gateway will have the power to avoid the double verification system for small purchases of € 30 or less, although in this case restrictions are applied to prevent fraud: it allows a maximum of five small transactions without verification or a maximum amount of € 100.

Payments in physical stores

Card payment by physical data will continue with current regulations, an additional verification channel will not be necessary.

Payments in online stores

The virtual environment is the big one affected by the PSD2. Until now, if you bought with a debit or credit card, you had to enter your name and surname, the card number, the expiration date and the CVV or CVC code. This system opened the door to fraud, since in most payment platforms with just that data anyone could make purchases.

The European PSD2 regulation establishes a double control system known as TFA (Two Factor Authentication). It consists of verifying the identity of the user through at least two of the three verification systems available:

  • Password.
  • Verification by mobile phone or ID.
  • Identity check with biometric features (eye, face or fingerprint).

With this regulation, purchases in online stores will be much safer. In the near future it will not be possible to buy with a an information copied from a credit card.

The PSD2 takes users' side

The fraud has always existed in online sector and will exist with the PSD2, it is inevitable. Therefore, the European Commission has regulated the conditions in case of unauthorized purchases. Regulators have been blunt in this regard, putting themselves on the users' side.

With its entry into force, the buyer will only be responsible for purchases of less than € 50. This amount is significantly reduced, with the old PSD the limit was € 150.

The form of refunds of the amounts defrauded by the financial provider also changes. If the company does not clearly demonstrate that the purchase has been consented, you will have to return to a card holder the full amount paid for the product within a maximum period of 24 hours.

How will PSD2 affect online business owners?

The PSD2 has created a lot of alteration and confusion among entrepreneurs. In most cases the new regulation will benefit business owners, although there are some exceptions. Here are some of them:

Online businesses without POS transaction processing

Many entrepreneurs will not be affected, in their business, by the new payment regulations. It is the case of all those that do not use a payment gateway or a virtual POS. Therefore, PSD2 does not affect the businesses that receive payments by bank transfer, check, Western Union, MoneyGram or cryptocurrencies.

Online stores and businesses with virtual POS

The most important point of PSD2 for eCommerce is that the companies that have contracted a payment system will not have to make any special adaptation. They will not need extra consultants or norm specialists. Therefore, hiring a virtual POS is a safe and reliable option that will help you to avoid many headaches.

On the contrary, if the business has its own or custom-designed payment platform, it will have to be adapted to the new regulations with the aforementioned double verification system, which will add an important extra cost.

Touristic establishments with online presence

Hotels, hostels and tourist apartments face an added problem: they usually have two types of rates, flexible and non-refundable.

Should both pass double verification?

In this case it is not clear how the hotel sector will face the change of the PSD2 regulations. The three most reasonable options are:

  • Implement payment with double verification for both rates.
  • Incorporate an automatic system to make said verified payment before the date of free cancellation.
  • Eliminate the flexible or refundable rate option.

In the first case, the client would complete the verification at the moment of booking, but the term would not be executed until the date of free cancellation.

The second case is more complex. The hotel establishment must program a system to notify the user of the payment before the date of voluntary cancellation. This assumption is not only complicated to implement, it can also put many reserves at risk by lengthening the reservation system.

The last option is the fastest to implement, it does not need complex execution systems, but limits the options of the clients. It seems unlikely that tourist establishments will bet on this route.

Does PSD2 have any advantages for online stores?

Although the tourism sector faces a great challenge with the implementation of the PSD2, the rest of online businesses with payment platforms will see how the new European guidelines open an interesting range of options that will have an impact on the improvement of their businesses.

The most outstanding advantages of the PSD2 regulation for online businesses are:

New payment methods

With new regulations entering into force, banks are obliged to "open up" to new companies that offer innovative payment systems. They will do so through the implementation of “APIs”, applications that will allow obtaining bank data to third parties quickly and, above all, with total security. This advance is basic for the arrival of the new payment options.

Among the new payment methods the direct online transfer is the one that stands out. This system is expected to be a favorite in the future because it lowers business costs by offering speed and security to customers.

Less costs for businesses

The immediate consequence of the arrival of the PSD2 is clear: there will be more offer and more payment methods, the banks will no longer be the center of the transactions. Greater market opening is a great advantage for financial companies that want to offer new services, but especially for electronic businesses that will have cheaper payment options.

Improvement of UX (User Experience)

The regulation will make the usability of web pages more flexible. It will not be necessary to refer the user to the external platforms of the banks, this is a step forward in the user experience.

A better integration of payment platforms in online stores will result in improved conversion and increased business profitability. This point is key, it is shown that the more complex the payment system, the higher the abandonment rate of the website without making the purchase.

Who wins and who loses with PSD2?

The PSD2 regulation is a full-fledged revolution, as such it has winners and losers. The most affected by the new regulation are the traditional banks and savings banks that will see as part of their benefits are reduced by the introduction of new competitors on the scene.

Tourism sector will also go through its losses, having to find the best solution to meet the PSD2 without compromising the profitability of their businesses.

The last affected are online stores that have their own payment platforms because they must adapt to regulations due to the peculiarities of their personalized payment systems.

On the other side of the coin we have the users, the new financial companies that will introduce innovative payment systems and the rest of the online companies that will see their profits increased by the reduction of costs and by the increase of the conversion in their businesses .

How will online payments be from now on?

Easy and intuitive

The payment system will be integrated into the merchant's website, that is, you will not have to go to an external page of the bank to do it. Nor will you have the obligation to resort to physical cards as there will be more alternatives.


The simplicity and clarity of the new systems will also make them more agile and faster when completing purchases.


As we said at the beginning, the PSD2 is focused on making sure that the buyer is really who he says he is. The double identity verification system will reduce fraud options for charge retrocession.

Goodbye to coordinate cards, see you later to debit and credit cards

Some banks, to confirm transfers and perform other basic operations, require the use of the coordinate card. The typical message: "enter the C14 coordinate". This process will be history in the near future. With the arrival of the PSD2 it will not be necessary to resort to that plastic card.

What will happen with credit and debit cards?

The new regulations give free way to the presence of new payment systems, as we have seen in the article, but does not cut the wings to conventional cards. They will continue to be a usual form of payment, although in the virtual world they are expected to have a more secondary role.