How do I adapt my business to the PSD2 regulation?

BBVA helps you adapt your business to the new online payment directive.

PSD2, the new Payment Services Directive of the European Union, whose regulatory technical standards (RTS) will go into effect on September 14, seeks to enhance online purchases in Europe and increase user confidence in them. To achieve this, and as a priority measure, it aims to enhance security in each banking transaction by modifying how the customer is identified and authenticated. It will do so by implementing new minimums, as set by SCA (or dual authentication). 

This defines the procedures that will be carried out when making each payment. To date, only a password was required. With the implementation of the new PSD2 regulation, the customer will have to be authenticated using 2 or 3 of the following factors: something the customer knows (such as a password), something the customer has (such as their phone) and something the customer is (such as a fingerprint or face). 

Banner Superior Biometria Banner Superior Biometria
Combine your transactions in the BBVA app
Do everything you need to do easily and conveniently from your phone.
A procedure that will be applied by all payment service providers operating in the European Economic Area, and to which businesses also have to adhere by ensuring their payment platform is able to process these secure transactions, thereby reducing the risk that customers will report transactions for possible fraud. If this update is not made, they run the risk of having the banks that issued the cards decline the purchase (which would not be good for them).

How does the payment platform adapt to the new directive?

Depending on the business and the connection it uses to process transactions with its virtual POS terminal, changes may or may not be required. If the answer is yes, they can rely on BBVA. We have been working for some time to make available to them the tools necessary to be in compliance with the measures requested by PSD2 in relation to online purchases. 

First, we have adapted the configuration of our virtual POS terminal so that businesses that use a redirect payment gateway to communicate don't have to change the integration of their terminal one in order to operate in accordance with the regulation. We will do it for them. 

If, on the other hand, this connection is made using Host to Host (direct from the company to the bank), they will have to make minor updates, a task we will help them with as needed. They can opt for a simpler option that consists of redirecting the operation to the payment gateway (to the Virtual POS terminal) or, alternatively, they can adapt the Host-to-Host connection itself and manage the full process for each transaction internally. In either case, they will get all the help they need from BBVA. 

Whatever the new scenario, and to fully adapt to what is coming, an updated version of the EMV 3DS secure purchasing protocol has also been created, which incorporates the obligation to send new programming fields in each transaction, thus avoiding potential fraud. Each payment service provider has its own adaptations.

Central banner Biometria Central banner Biometria
Discovers the online Banking of BBVA
Makes good use of all the functionalities that you offer and that you allow carry out your operations daily from the cell phone.

Are the measures associated with SCA required to be applied at all times?

For both individuals and businesses, security is a priority at BBVA. We have been working for a long time to give them the best measures to protect their money and data, thanks to which they don't have to resort to SCA. 

A fact that in the case of the shops can change, since because of the complexity and the impact that has for the consumers and the shops, is elaborating a plan that owe be validated with the national authority for determine when leaves to comply with the requirements of the reinforced authentication (SCA) in e-commerce established in this regulation European.

A/C Biometria A/C Biometria