The revised Payment Services Directive (PSD2) is a European directive with two main objectives: ensuring consumer protection and enhancing competition in a changing market environment as well as facilitating customers access to payment services.
PSD2 also redefines the role of each of the counterparts of the payment market. It defines the role of the new players entering this market of payment services: the third-party providers (TPPs). Below a description of the different TPPs and more generally, of all PSD2 actors:
- The Payment service user (PSU): It is a physical person or entity which is the end-user of services provided by TPPs or by the holding account entity (ASPSP), most of the time, a bank.
- Third Party Providers (TPP) which are subdivided into three categories:
- Account Information Service Providers (AISP): It allows a payment account holder to get information on all its accounts (whatever the bank) through a single user interface.
- Payment Initiation Service Providers (PISP) : it refers to all the payment market players which model is based on initiating payments on behalf of a payment requester (the payee).
- Card Based Payment Instrument Issuers (CBPII): It checks the coverage of a given payment amount on the PSU’s account. In general, it refers to players issuing means of payment, but which are not holding the payment account themselves.
- The Account Servicing Payment Service Providers (ASPSP): all the players who are in charge of holding bank accounts for their clients. For this FD, MFB has the role of ASPSP.
Recent and upcoming changes
From October 15, 2023 :
- On API AISP : Adding the type of each operation in the remittanceInformation field
- On API PISP : Corrected issue on timezone fields
- On API PISP : When creating a payment, return code is now 201 in accordance with the STET specifications (instead of 200)
From July 3, 2022 :
- On API AISP : Adding the MCC (merchantCategoryCode) on transaction ressource based on ISO 18245
- On API AISP : field cashAccountType on account resource is now correctly valued
- On API PISP : Adding the 400 error return code if the authentication method is not supported
From December 8, 2021 :
- On API AISP : Adding the PSU Identity request (Retrieval of the identity of the end-user) based on STET 1.5.1.6 Chapter 4.8
- Description: introduce the new End User Identity request, which will allow the TPP to request some information about the PSU’s identity.