New European payment regs leave banks holding the bag

no banks regs will drastically effect online security

Published on Payment Source on August 7, 2017 by Raz Rafaeli

The European banking world is facing unprecedented challenges from upstarts who have been trying to wheedle their way into the loan, financing, payment and credit business.

And now those upstarts have the legal sanction of the European Union. Set to take effect in October, the European Union Payment Services Directive 2, or PSD2, is poised to rock the bankers’ world.

With the new directives, a slew of new players will be able to get into the payments business, which will exponential the size of the challenge to online banking security.

Such third-party providers, or TPPs, will have the right to examine bank databases for information on balances, credit, obligations, etc., and make transfer payments between customer accounts and payment targets. The idea, according to the European Banking Association, is to “open up the payment market, allowing companies other than banks (e.g. money remitters, retailers and phone companies) to provide payment services.” More competition means lower cost and more choice. In one fell swoop, the EU has overturned a business model that developed on the Continent and has survived for hundreds of years, making a select few very wealthy. Now the union will be helping to spread those profits around.

But what’s not being spread around, or mandated, is the security onus. Banks are expected to admit all vetted comers, but how they will connect to them is up to the individual parties. If something goes awry in that connection and user data or money are compromised, it is the bank that could be left holding the bag.

Read Full Article