PSD2
PSD2 is the European Union directive on payment services that mandates strong customer authentication for electronic payments and opens bank account access to licensed third parties with the customer's consent.
Also: PSD2, Revised Payment Services Directive
The revised Payment Services Directive governs electronic payments in the European Union. Two parts matter most for identity. Strong customer authentication requires that electronic payments and account access use at least two independent factors from the categories of knowledge, possession, and inherence, with some exemptions for low-risk transactions. Open banking requires banks to let licensed third parties access account data and initiate payments when the customer consents, through secure interfaces.
These rules pushed multi-factor authentication into everyday banking and created the access model that FAPI secures. A successor, often called PSD3, is in the EU legislative process to update and extend the framework.
For CIAM in financial services, PSD2 sets concrete authentication and consent requirements that the identity layer has to enforce, not just recommend.
Sources
- Directive (EU) 2015/2366 (PSD2): https://eur-lex.europa.eu/eli/dir/2015/2366/oj
Related terms
Standards
- Directive (EU) 2015/2366