PSD2

PSD2 (Payment Services Directive 2 / Directive 2 on Payment Services) is a legislative framework of the European Union that regulates payment services. Its objectives are:

  • increasing the security of payments in Europe,
  • promoting innovation and adapting banking services to new technologies.

PSD2 introduces two new services that are regulated and harmonised:

  • Payment Initiation Service (PIS) and
  • Account Information Service (AIS).

TPP (Third Party Provider): a third party that provides payment services.

Payment Initiation Service (PIS)

Payment Initiation Service (PIS) enables businesses to directly initiate payments from a client’s bank account, with the client’s consent, without the need to use a credit or debit card. This makes bank transfers a viable alternative for everyday purchases. PIS is the most cost-effective, fastest and most secure method for online payments. Merchants do not require sensitive banking data, and the client connects directly to their bank’s portal to complete the payment. This means the client benefits from the bank’s security, including multi-factor authentication using a fingerprint and PIN code. A payment confirmed by the payer is irreversible.

Account Information Service (AIS) allows third parties (e.g. financial management applications) to access information about a client’s bank account, such as account balance, transactions and available funds. This enables better financial management and more personalised services.

Instant payments enable real-time transactions, addressing issues such as uncertain payment timelines, difficult cash flow management and unreliable payment processing. The combination of PSD2 and instant payments can enhance user experience and enable faster and more secure transactions.

Summary: PSD2 regulates Payment Initiation Services (PIS) and Account Information Services (AIS), while instant payments enable real-time transaction processing.

PSD2 (Directive 2 on Payment Services)

PSD2 (Payment Services Directive 2) has a significant impact on how payment transactions are carried out and financial services are provided. Here are a few examples of how PSD2 is used in practice:

Payment Initiation Services (PIS):

Online shopping:
When you shop online, PIS allows you to initiate a payment directly from your bank account without using a card. For example, when purchasing a book, the application may redirect you to your bank’s portal to confirm the payment.

Mobile banking applications:
If you use a financial management app, PIS enables you to quickly and securely make payments or transfer funds from your account.

Account Information Services (AIS):

Account monitoring:
Financial management applications can use AIS to display your current account balance, transactions and available funds.

Budgeting:
AIS enables tracking of expenses and budget management based on real transaction data.

Instant payments:

PSD2 has enabled the development of instant payments, where transactions are executed in real time. This means that money can be transferred from one account to another almost instantly, without waiting for clearing and processing.

Example:
When using a mobile payment application in a store, the transaction is recorded on your account immediately.

In essence, PSD2 enhances security, transparency and innovation in payment services, while instant payments enable faster and more efficient transactions.

Multi-factor authentication (MFA)

Multi-factor authentication (MFA) is a key component of PSD2 that further enhances transaction security. Here is how it is used within PSD2:

The first authentication factor is usually a password. When a user logs into their bank account or performs a transaction, they enter their password. This information is known only to the user.

The second authentication factor involves possession of a physical device or card. Examples include:

  • SMS code: The bank sends a one-time SMS code to the user’s mobile phone. The user enters it as a second factor during login or a transaction.
  • Token: The user has a physical device (token) that generates one-time codes, used as a second authentication factor.
  • Smart card: The user uses a chip-based smart card that generates authentication codes.

The third authentication factor includes biometric data. Examples include:

  • Fingerprint: The user uses their fingerprint for authentication.
  • Facial recognition: The user uses face scanning for authentication.

Instructions for the implementation of Account Information Service (AIS), Confirmation of Funds Service (PIIS) and Payment Initiation Service (PIS) can be found at: https://psdapitest.hb.co.me:9443/psd2-rest-external/swagger-ui/, and the documentation can be downloaded from the link PSD2-REST-API-Dokumentacija.

For any additional questions, you can contact us via email.