What Apple’s Second Payment Services Directive (PSD2) notification means for you
Over the weekend, Apple sent a notification regarding Payment Services Directives (PSD2) being implemented across App Store and iTunes. But what is the Second Payments Services Directive? How does it affect your future purchases? Is Apple Pay compatible with it? Read along and learn what the new directive means for you and how it’ll change the way you make payments.
What is the Second Payment Services Directive (PSD2)?
PSD2 is a new compliance announced by the European Union to make financial services more accessible. Currently, financial institutions, such as banks, maintain customer accounts. These institutions are called Account Servicing Payment Service Providers (ASPSPs). ASPSPs should provide Third-Party Payment Providers (TPPs) a secure way to access customer information.
PSD2 introduces two new categories of TPPs — AISPs and PISPs — that are accessible to banks and fintech companies in the European Union. AISP allows third-party services to see a customer’s bank account information securely, of course, after the user provides consent to the third-party service. Bear with us! Second, i.e., PISP allows third-party services to make payments without accessing a customer’s private information, like bank account number or credit card number.
However, with more accessibility, the number of frauds might increase. To prevent this situation, PSD2 also introduces a number of security features that make online purchases safer. Requirements like OAuth 2.0, OpenID protect users against online fraud by introducing Strong Customer Authentication (SCA) in the transaction. What this basically means is that whenever an app, a website, or App Store tries to charge you for a service, the transaction must be authenticated via additional factors, such as card PIN, One Time Passwords (OTPs), or fingerprint/facial authentication.
Apple Pay is already PSD2 ready
In the email sent by Apple recently, Apple says that Apple Pay is already compliant with PSD2. Since Apple Pay already has a multi-factor authentication system in place — Apple Pay transactions are authenticated via Face ID or Touch ID — it is PSD2 and SCA compliant.
If you don’t use Apple Pay, Apple says that many purchases on the App Store, from now, may require “additional authentication steps at checkout.” However, if you already use Apple Pay, you don’t need to worry.
“The built-in security features of Apple Pay already satisfy these new requirements, making it a simple and secure way to pay for apps, games, subscriptions, and more.”
For those of you who have set up Apple Pay on your iPhone, Apple has set Apple Pay as the default payment method since it is already SCA and PSD2 compliant. Apple has highlighted certain scenarios wherein SCA authentication might be required, even when Apple Pay is in use.
For auto-renewable subscriptions, SCA is required only for the first transaction.
Purchases under €30 may not require SCA.
Purchases made with Apple Pay, which already meets SCA requirements, will not require additional authentication.
Purchases made with mobile phone billing, other payment services, or an Apple ID balance (from gift cards or adding funds) will not require additional authentication.
If you wish to change your preferred payment method from Apple Pay to something else, such as your credit card or your carrier, you may do so by clicking here. But keep in mind, you’ll have to authenticate each and every transaction by OTP or web-pin.