Home › IMRG Blog › What PSD2 means and how retailers can prepare for it
By: Neil Burton
The EU’s second Payments Services Directive (PSD2) has kept banks, payments services providers, consultants, lawyers and conference organisers busy over recent months.
But retailers, perhaps left confused by the build-up and hype, may be left wondering what it all means. Will PSD2 have any significant impact for them?
The answer is yes. And no.
This article explains what PSD2 is, and what it means for retail, online and in store.
Legally, it has to be translated into Regulation by each member state. A few countries, including Britain which has a strong record of adherence, have done so on time. Several other EU states haven’t, yet.
Some, like the Dutch, are holding back due to yet-to-be reconciled differences between PSD2 and GDPR. Until everyone is on board, the wider EU goal of harmonisation of payments schemes (SEPA, the Single Euro Payments Area) and more generally of markets still remains distant.
The EU has asked the EBA (European Banking Authority) to help out by defining exactly how the regulatory principles should be executed. That’s taking a little longer than expected; the RTS (Regulatory Technical Standards) especially around SCA (Strong Consumer Authentication) are yet to be finalised, and won’t come into force for about another 18 months at the earliest. It takes time to change systems and procedures, even once the spec is known.
The main immediate impact being seen by shoppers — and therefore retailers — is the cessation of surcharges, such as those sometimes levied when paying by credit card online. PSD2 removes surcharging for any payment method, not just card payments.
This will create a level playing field between payment instruments; and avoids unexpected fees being levied on consumers after they’ve spent time filling in online forms. Firms can still set a minimum purchase amount, and of course retailers have to replace the card fee income somehow, so it’s unlikely that all of the £166million per annum (in the UK) that the regulators claim will be ‘saved’ will be passed on to consumers.
Aside from that, there is no material change to in-store payments. Card payments, which today account for three quarters (77%) of all retail spending in the UK – meet the basic requirement of RTS SCA. EMV, with its Chip-and-PIN, already has the necessary two out of three possible authentication methods – something you have, something you know, something you are (typically biometrics).
Most contactless transactions are exempt so that consumers will not be inconvenienced by low value transactions. This is good news particularly as half of all debit card transactions (51%) will be contactless in a decade.
Online payments face a tougher challenge and arguably SCA has the most impact for online payments. Planned changes to the major methods for card scheme payer authentication (or 3D Secure 2.0) will likely tackle the need for SCA. That said, online merchants will need to ensure that these are properly implemented.
There are two big payment changes that will come later:
Two-part authentication will specifically impact any cardholder not present environment. Once the Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) are finalised, web-retailers will have to be ready to change their ecommerce acceptance processes to enable this.
Exceptions will be permitted, for example by firms which can prove the level of fraud they incur is consistently below stringent EU levels, probably favouring larger online retailers and marketplaces who can afford the tools to achieve this.
On a plus side, stronger authentication will boost security and help reduce the escalating online fraud against UK retailers which totalled an estimated £189.4 million in 2016 – a rise of 20% on the previous year.
The choice of payments methods available to merchants and consumers may widen. This is being driven by:
Together these three drivers are enabling new payments models. For example, where a smartphone user could pay a merchant, in real-time, from one bank account to another. Such a model might be less expensive for merchants and provide quicker settlement; and some consumers may prefer its convenience.
However, to achieve this requires operators – either banks or Payments Initiation Service Providers (PISPs), the new category of regulated payments provider created by PSD2 – to step up with big investments ahead of realisable consumer demand.
For retailers, all of this presents a bit of a challenge. Some consumers may prefer to ‘pay instant’; but many will continue to use card. Merchants will need to support both, in as elegant and cost-effective way as possible. Retailers in the Nordics, such as Dagrofa, where real-time smartphone person-to-person payments are widely adopted, have already experienced and solved for this challenge.
More broadly, PSD2 has to compete for attention and resources with many other pressures on retailers. Payments may be important, but it’s unlikely to make the agenda in the boardroom very often. In large part that may explain why few have paid it much attention.
Recent research by Consult Hyperion and CCGroup reveals that fewer than half of retailers are aware of PSD2 and 67% were not ready to comply by the deadline. In addition, it confirms that most merchants are treating it as a compliance issue and not a business opportunity, with only 16% looking to take advantage of PSD2.
By ignoring PSD2 and failing to modernise, retailers not only put their business at risk but may also miss out on unique opportunities. These include using payment choice as a key differentiator; the delivery of more personal services through increased access to customer data; and potential new revenue streams from financial services.
For omni-channel retailers, more payment choice will also drive new innovation in store with the evolution of POS that accommodate new banking apps and alternative payments. Already we are seeing a new generation of handheld devices designed to do just that and deliver new types of connected commerce that enhance the shopping experience.
So PSD2 alone is unlikely to transform retail. But it’s an important enabler in the mix.
It will empower customer authorised and regulated PISPs to credit merchant accounts direct from consumer bank accounts in near real-time.
Requiring banks to open access to bank accounts (aka XS2A, or access to accounts), will undoubtedly open the door to new business models and ‘unicorns’. Added to Open Banking, Instant Payments, smartphones, newgen technology at the POS, and fast-changing consumer expectations – change is certain, and probably ranges right up to disruption.
So how can retailers prepare to meet these challenges head on? Verifone has put together a quick checklist to help them get started:
By: Neil Burton, Head of Change Management - Europe, Verifone UK & Ireland
Click here if you have forgotten your password.
Get unique insights straight to your inbox for free, and improve your understanding of online retail. Subscribe to Online Retail Weekly now.