The European directive on means of payment was passed, known as PSD2, which replaces the previous one in 2009 and will be applicable as of September, with the aim of protecting the user from possible undue access to Your sensitive information. Within the banking sector created much controversy because, in principle, was raised as a directive that was positioned on the side of fintech, forcing banks to share their most important asset, the data of their customers, which now happens to have the power to decide with whom you share them.
What does this mean to banks?
The new scenario that introduces this principle obliges banks to enable technical means that allow third parties to access data about their customers’ payment accounts. In addition, it forces them to adopt the necessary security measures that guarantee full control over who and when they access these data, implementing what is known as SCA (Strong Customer Authentication) to ensure that it is really the user who is giving permission to access said data.
One of the objectives of this directive PSD2 is to provide fintech with a legal framework that, under regulatory control, facilitates its growth and the emergence of new companies that, under a rapid management of technology, encourage the development of new models of deal. However, the banking entities themselves were the first to take advantage of the directive since, through the development of banking aggregators, several entities in Spain have already included in their portfolio of services the possibility of having a unique view of all entities, from their own application.
Aim: Release info held by the banks
In addition, PSD2 tries to release the information held by the banks, giving it to the clients of the entities, which favors the appearance of new companies that know how to take advantage of this information, creating a more competitive sector and accelerating solutions. However, the excessive prominence of some regulators and the reluctance of large companies to provide access to other giants such as Facebook, Google and Amazon, accustomed to managing data in a more agile way and with a better image and control over users. , has caused that the small letter of the directive is generating a lot of controversy before its entry into force. The directive establishes that the EBA (European Banking Authority), in collaboration with the ECB, is in charge of developing the legal framework that will govern the security of electronic payments.
PSD2 is another step, with the aim of streamlining the processes and improving customer protection, which will know under what criteria the information will leave, with the guarantee of the Bank of Spain, so that there are no problems in access or impersonations.