The PSD2 requires starting on that date, electronic payments need to use two of three elements in order to make sure the authorized user is making the purchase. These include something the customer knows, like a password or PIN code, something a customer has, like a phone or hardware token and something a customer is, for example using a fingerprint or facial recognition.
EBA said that while it believes enough time has passed since the 2015 original notification and that it cannot legally delay the deadline anymore, it acknowledges that some legitimate concerns remain about readiness, particularly among non-payment service providers.
The EBA said it will agree on a limited basis to work with some PSPs as well as some merchant and consumers, however they must meet some additional guidelines, including offer a migration plan to come into compliance. Future deadlines will be announced later this year.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now