Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner.

What does PSD2 mean for your energy business?

Cyber news
Mitigating cyber security threats

Is 14th September 2019 in your business calendar?

If your organisation processes online card payments then it should be – because that is the final deadline for complying with the Regulatory Technical Standard (RTS) of PSD2, the revised Payment Services Directive issued by the European Commission for innovation, improvement and internet payment safety.

Confused? Let’s take a closer look.

What does PSD2 aim to achieve?

PSD2 was initially adopted in 2015, and becomes applicable in January 2018. It is an updated version of the original directive aiming to create ‘an efficient market for payment services in Europe’. This updated version builds on the first directive most clearly in areas related to consumer rights, including complaints handling and surcharging, third-party access to account information and, crucially, enhanced security.

PSD2’s objectives include: making it easier and safer for consumers to use internet payment services; delivering better protection against fraud, abuse, and payment problems; promoting innovative mobile and internet payment services; and strengthening consumer rights. It also aims to strengthen the role of the European Banking Authority (EBA) to coordinate supervisory authorities and draft technical standards.

The RTS, that final piece of the directive which comes into force in September, specifies the final security measures which organisations are expected to deploy to be compliant with PSD2.

What does this mean for energy companies?

In practice, this means that energy companies wishing to process payments online have until 14th September to implement security measures. However, this is not limited to the energy sector, it applies to businesses across a range of sectors including utilities, leisure, transport and other services, as well as ecommerce businesses.

Specifically, they have until 14th September to implement strong customer authentication, or SCA, on all remote ecommerce transactions of €30 or more (some transactions under €30  will also require SCA under the cumulative rule). And this isn’t just a ‘nice to have’, or something you can catch up on a week or two later. As of 14th September, you will be technically unable to process payments without SCA. A hard stop is in place, policed by the major payment companies.

So if you want to be able to continue accepting payments online, continue selling your goods or services and continue maintaining good relationships with your customers, you need to implement SCA now.

What does SCA look like?

SCA delivers enhanced authentication for online payments. It requires customers to verify their identity through at least two of the following: a biometric factor; this is something they are such as a fingerprint, voice recognition or facial recognition software, a phone or other piece of hardware; this is something they have, or a PIN, password or security question; which is something that they know. Each of these methods of additional verification has its own advantages and disadvantages – and each introduces an additional stage for customers to go through when completing a payment, potentially increasing friction.

The role of Digital Wallets

One of the exceptions is if you process payments via a digital wallet solution, because the wallet essentially counts as a single method of identity verification in itself. In turn, this means that you as the business accepting payments only need to implement one additional method of identity verification for those payments. The use of digital wallets is forecast to increase drastically over the next few years – in China, for example over a third of transactions are already made using ewallets. Additionally, regular payments such as those for a subscription service or paying a bill on a regular basis may be fast tracked through to an approved customer list.

PSD2 is part of a more general shift to Open Banking, which allows authorised third parties to access customer information that was previously available only to banks. This enables businesses to offer their customers more innovative and user-friendly means of paying for goods or services rather than simply a credit or debit card and, in turn, prioritise their convenience. Provided you choose fully compliant third-party payment partners, PSD2 really is an opportunity to make your online payment processes more agile, more customer-centric and ultimately more secure.

What next?

The countdown is clearly on. With just four months to go until the PSD2 comes into final force, ensuring that your business is ready has to be a key priority. First, you need to check that all of the third parties involved in your online payments processes are fully PSD2 compliant. Next, you need to implement SCA processes if you have not already done so, bearing in mind that keeping customer friction to a minimum is key from an ecommerce and marketing perspective. Introducing digital wallet functionality could prove a hugely valuable step, given the huge forecasted increase in their popularity over the coming years.

PSD2 sounds complicated, but a few simple steps can ensure your house is in order well in advance of the deadline, and that you are ready to process online payments smoothly and securely from 15th September onwards.

Recommended for you

More from Energy Voice

Latest Posts