How To Make Online Payments More Innovative and Even Safer in the EU
- Europeans make online payments daily, whether by credit card or digital wallets
- The Commission has proposed new rules for payments and electronic money
- To make the user experience smoother, these EU proposals require improvement
In June, the European Commission presented two key legislative proposals aimed at reshaping payment services in the EU. Those are the Payment Services and Electronic Money Directive (PSD3) and the Payment Services Regulation (PSR). They seek to modernise and revise existing EU payment rules, including the Second Payment Services Directive (PSD2). The Commission’s goal is to promote innovation and harmonisation.
This might sound awfully technical to you, but it does affect all of us. It’s about the future of online payments. That includes good-old credit and debit cards, paying via internet banking, and more state-of-the-art methods such as digital wallets or mobile payments.
In that respect, these proposals can improve consumers’ payment experience and provide businesses with a clear set of rules. It is essential that the new rules preserve the EU’s flourishing payment ecosystem, while at the same time improving legal certainty and procedures for companies.
1. Preserve the EU’s thriving payment ecosystem
Since 2019, payment service providers like banks have been required to use so-called “strong-customer authentication” (SCA) to verify a person’s identity when initiating electronic payment transactions. SCA is a way of validating one’s identity in order to help prevent fraud. For instance, when booking a train ticket online, your bank may send a verification message to your phone via SMS.
While SCA has helped to combat fraud in the EU, consumers sometimes still experience difficulties, for example when they keep waiting for that verification message but it never arrives. We’ve all been there before, haven’t we? Hence, these new EU rules should also aim to encourage innovation and clarify requirements to ensure a smoother process.
What is more, new SCA requirements should not place significant liability risks on technical service providers. These services offer all the necessary technical assistance related to payment services and are used by many businesses to access banking interfaces in an easy and secure way. They are not payment service providers, however, as they never enter into possession of the funds to be transferred. Hence, any new liability requirements for them would only hinder innovation and negatively impact the EU’s payment ecosystem.
It is also important to strike the right balance between merchants’ rights and consumer protection. The draft rules now include a proposal to mandate an unconditional refund right for all transactions initiated by the payee. However, such transactions can occur in very different contexts. So-called direct debits are commonly used for essential services like electricity, internet, and telecom contracts. Merchant-initiated transactions, on the other hand, are generally used by online businesses, such as e-commerce platforms or digital marketplaces.
The latter method is more susceptible to abusive refund requests. So far, existing rules allowed merchants to challenge such refund requests, but the new rules would mandate refunds even if they are abusive. To preserve merchants’ rights, the new rules thus should continue to allow vendors to challenge potentially abusive refund requests.
Finally, the proposed idea to merge the second electronic money directive (EMD2) with the PSR will subject e-money services to stringent rules designed for banks. This would be disproportionate. In simple terms, e-money services allow users to store and manage their money electronically, and to make payments without using cash or traditional banking services. They can be used to make online purchases or send and receive money.
Numerous e-commerce players and online platforms allow their customers to store small amounts of value balances to be spent directly on that platform – for example to book a subscription, order a ride, or make in-app purchases. That’s why excluding small e-money balances from these excessive requirements would only be fair and preserve useful services that really benefit European consumers.
2. Increase legal certainty and improve procedures
In their current shape, the PSD3 and PSR proposals would leave considerable room for interpretation by the European Banking Authority (EBA), which will determine how most of these rules are going to be implemented. Unfortunately the EBA’s stakeholder involvement has not always been satisfactory or representative in the past. To address this problem, EU legislators should ensure that the rules are crystal clear and relevant stakeholders are effectively involved in the implementation process.
Indeed, the EBA’s Banking Stakeholder Group (BSG), whose role is to help facilitate consultation with stakeholders, is still largely dominated by representatives of large banks and traditional market players. EU lawmakers should force the EBA to create a new stakeholder advisory group that represents all interests in today’s payment and finance ecosystem, and not only those of legacy stakeholders.
The EBA is given 12 months to prepare and adopt decisions for implementing the PSR, while companies would only get six months to adapt before the regulation takes effect. This tight timeline is not reasonable for companies, which need adequate preparation time. Lawmakers should thus extend the deadline for the PSR’s entry into application by an additional six months to provide the market with a reasonable implementation window.
To conclude, European lawmakers really can improve the PSR and PSD3 proposals for the benefit of consumers and businesses by implementing these two recommendations. With the necessary tweaks, the proposed rules have the potential to enhance the payment experience for all European consumers.