All about PSD2

The second Payment Services Directive or PSD2 is a European law which makes electronic payments when shopping or banking online more secure.

It aims to make payments safer, increase consumer protection and continue to promote innovation and competition while maintaining a level playing field for all parties.
While some elements of the Payment Services Regulations have applied from 13th January 2018, the next phase has introduced added security rules referred to as Strong Customer Authentication (SCA). This will mean you will see some changes in how you bank and shop online. 

So, from 5th March  2021 when you use your card for online purchases you may be asked to verify your identity using at least two factors of identification.

You’ll already be familiar with One Time Passcodes (OTP), which are often required when making online purchases. We’re now introducing a second factor of authentication called an eCommerce PIN.  You will need this eCommerce PIN from March 5th 2021 along with the OTP for shopping online.  To find out how you can set up your eCommerce PIN click here.

Strong Customer Authentication (SCA)

The aim of SCA is to increase security for electronic payments through the introduction of two factor authentication. This is a security process where you may be asked to verify your identity in two different ways -  such as with a PIN or a fingerprint.

SCA will be used when accessing online payment accounts or making payments online. KBC already use Strong Customer Authentication, however with PSD2 it will be used more frequently to provide enhanced security such as when viewing your statements in the app or making any purchases with your Debit or Credit Card online.

What’s changing for KBC Debit and Credit Card customers?

One Time Passcodes (OTP) are already in use for shopping online and, before  5th March 2021, all KBC Debit Card and Credit Card Holders will need to set an eCommerce PIN also. You can learn how to set an “eCommerce PIN” on your KBC Mobile App or Online by following the instructions here.

Once set, your eCommerce PIN, along with a One Time Passcode, will be used to verify your identity when you make online purchases with your KBC Debit or Credit card. You will need to set an eCommerce PIN for each KBC Debit and Credit card that you hold before March 5th 2021 to continue to shop safely online

If you do not set your eCommerce PIN before 5th March 2021, it could impact your ability to complete online purchases with your KBC Debit or Credit card.

Open Banking

Open Banking allows customers use the services of regulated Third Party Providers (TPP) to provide the following:

1. Payment Initiation Services
When buying online from a retailer,  you’ll be offered the option to pay directly from your bank account, using an authorised TPP, instead of entering your debit or credit card details. TPPs who offer this service are known as a Payment Initiation Service Providers – PISPs

2. Account Information Services
This allows you to use the services of an authorised TPP to help you manage your accounts in a clearer and better manner. TPPs who offer this service are known as an Account Information Service Providers – AISPs.

If you choose to use these services, you’ll need to give explicit consent to the TPP. You choose the services that a TPP can provide, and you can always revoke consent at any time.

You’re in control.

All TPPs are regulated by the Central Bank of Ireland or by the National Competent Authority of their home European Union state. This means that these TPPs are subject to strict security and data protection laws, similar to KBC. KBC will always check that the TPP is regulated before they grant access to them.

Before you give consent,  you can also request information from the TPP, confirming they are a regulated entity.

For more information on PSD2 you can view the European Commission PSD2 Factsheet (pdf, 83KB)