eIDAS and PSD2 – A perfect symphony in the digital marketplace?

by Gaurav Sharma (guest) on 26. January 2017

The European Union is leading the way in the move towards the creation of a single digital market. The many advantages that a digital business has over it’s more traditional counterparts are only amplified when such businesses are allowed to operate seamlessly across multiple markets. The harmonization and standardization of regulations regarding digital signatures, electronic verification and digital payments can create wonderful opportunities for FinTech companies and technological innovators. It essentially creates a large pan European single digital market which is open to these companies to innovate in.

Made for each other - eIDAS and PSD2

The PSD2 aims to revolutionize the digital payments market by allowing for unfettered innovation by third party FinTech companies. Account Information Service Providers (AISP) can retrieve and present bank account information by plugging into banks through open APIs. Payment Initiation Service Providers (PISP) can go a step further and even let the users initiate transactions using their platforms rather than by logging into their bank accounts.

The eIDAS regulation complements the additional functionality which is brought in by the PSD2. AISPs and PISPs needs to interface with existing core banking systems in order to access relevant customer data and provide their services. eIDAS provides the tools necessary to meet the obligations regarding security, authentication and document verification. Member notified eIDs which provide the “high” level of assurance, can be used across the EU to open a bank digitally in any member country. The eIDAS regulation provides standardization for this process across the entire bloc.

Ongoing efforts on the regulatory front

The European Banking Association is also actively considering using eIDAS as a means of providing secure communication and positive authentication for use by PSD2 service providers. A discussion paper was floated to seek industry opinion on this and feedback received there would be used to draft the Regulatory Technical Standards in January 2017.

New Call-to-action

As per the EBA discussion paper, “the qualified trust services provided by qualified trust service providers” under eIDAS can also be of relevance for the identification between the AIS or PIS providers with the Account Servicing Payment Service Providers (ASPSPs), as well as for ensuring the integrity and correctness of the origin of the data transmitted between AIS or PIS providers and the ASPSPs.” The qualified electronic signature will have the same legal relevance as a wet signature and a similar treatment is provided for electronic seals which can help with establishing the integrity and verifying the origin of the data as well.

Further, a green paper on retail financial services was also issued which outlines how eIDAS could be used to enable digital payments, KYC processes and the services which are envisioned under the PSD2.

Harmonization across the bloc

The intention behind all of this is to use eIDAS to provide the security framework that would enable service providers to offer end to end and truly digital banking and payment services. This was already possible under certain circumstances but the process was not standardized and this led to low adoption rates. With the harmonization that will be brought in with the formal adoption of these directives, a single digital market for FinTech companies would indeed materialize. The potential business opportunities that this enormous new marketplace creates would be open for anyone to take advantage of and if done correctly, everybody wins.

New Call-to-action

References and Further Reading

 Image: "Londres à Pied 24", courtesy of Alain Rouiller, (CC BY-SA 2.0)

Other Related Articles: # Digital Signatures # eIDAS # PSD2

Want to know how we can help ?

Get in touch to better understand how our solutions secure ecommerce and billions of transactions worldwide.