PSD2 recommendations and standards apply to all payment service providers offering internet payment services.

This includes internet card payments (including virtual cards and card data registered in e-wallets), online credit transfers and ACH/direct debit internet payments. In essence, the evolving 3-D Secure systems (aka Super 3D).

Key aspects relate to the need for an Annual Security and Risk Assessment and also that breach notifications have been made mandatory. In the UK, the FCA will be the authority for PSD2 although the ICO (Information Commissioners Office) may also be involved for breach accountability.

Current plans appear to be that, when the EU Presidency passes from Italy to Latvia in 2015, the pilot implementation for PSD2 will be run in Latvia. A 2 year trial period has been proposed with EU-wide enforcement thereafter in 2017.

However, the European Banking Authority and the ECB have also just announced that they will be using the latest SecuRE Pay (the European Forum for the Security of Retail Payments) recommendations, and have agreed to issue guidelines based on the SecuRe Pay recommendations, which will enter into force in August 2015.

Either way, for European internet payment service providers, greater legislation and governance requirements are coming soon.

Learn about PCI DSS Compliance 

Read more on PSD2 and SecuRE Pay here

The Most Powerful & Reliable Cybersecurity Products
Contact Us

USA Offices

New Net Technologies LLC
4850 Tamiami Trail, Suite 301
Naples, Florida, 34103

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
[email protected]


UK Office

New Net Technologies Ltd
The Russell Building, West Common
Harpenden, Hertfordshire

Tel: 020 3917 4995
 [email protected]

SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Sans Institute Now Certified IBM Security
Copyright 2021, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.