PSD2

The revised EU Payment Services Directive (PSD2) came into force on 1 January 2018. The aim of the directive is to increase competition, enable faster payment processing in the European banking market and, most importantly, improve payment security. On 14 September 2019, the legislation will be supplemented when a new regulatory technical standards on strong customer authentication and secure communication (RTS) come into force.

The RTS will result in technical changes in the payments area and in our digital channels that will strengthen security in relation to payments and the protection of your data. The changes will be implemented in our systems automatically and no actions are required from our customers in relation to this.

On this site, you can read about some of the key changes that will impact our customers:

 

Digital platforms

From 14 September, the users of our online banking platforms, Business Online and/or District, will experience minor changes: 

  • The logon flow will change so that it is no longer possible to see which part of the authentication has failed during logon
  • When making payments, users may need to provide extra authentication to approve the payments
  • The time period for automatic logoff due to inactivity will be shortened.

 

Online and in-store shopping

Corporate card holders will experience extra authentication steps in the purchase process more often, both when shopping online or at physical stores:
  • When making online purchases on websites in the EU, the card holder will more often be required to use a one-time password, which will be sent in a text message as a part of the purchase flow.
  • The card holder will also have to use the 4-digit PIN more often when using the payment card in physical stores in the EU. 

 

Third-party providers and Open Banking

From 14 September 2019, users are allowed to use third-party providers in relation to accounts and payments services where an account is accessible online. Third-party providers (TPPs) are independent service providers. 

A TPP will be able to do a number of things for you: aggregate your account information, provide services to allow you to make various transfers from your account, or issue instruments for making card-based payments from your account. 

We will assist a TPP in providing services to you should you want us to do so. However, it makes sense for us to apply certain parameters to the way in which TPPs operate and to set out what we will need to receive from you and from the TPP to allow the services to be provided. 

You can read more about Third-party providers and Open Banking here.


Terms and conditions

 As a result of the changes in relation to the new regulatory technical standard for PSD2, some of our terms and conditions have been updated. You can find your terms on conditions on following pages:

London Branch

Germany

Ireland

If you have any questions, you are of course also welcome to contact your relationship manager.

 

Q&A about PSD2

Do I as the customer need to do anything?
  • No, the changes do not require you to take any action. We will implement these changes in our system automatically.

What is Strong Customer Authentication?
The requirements for stronger security is also known as Strong Customer Authentication (SCA). SCA is based on two or more of the following three factors:

  1. Something you know (eg. password, passphrase, pin, sequence, secret fact)
  2. Something you own (eg. mobile phone, wearable device, smart card, token, badge)
  3. Something you are (eg. fingerprint, facial features, voice patterns, iris format, DNA signature)

I have a MasterCard, Corporate MasterCard or Visa/Dankort – what changes will I experience?

  •  When making online purchases on websites in the EU, you will more often be required to use a one-time password, which will be sent in a text message as a part of the purchase flow. This is also known as Verified by Visa or MasterCard ID Check.
  • You will also have to use your 4-digit PIN more often when you use a payment card in physical stores in the EU

I am using District/Business Online – what changes will I experience

  •  The logon flow will change so that it is no longer possible to see which part of the authentication that fails during logon
  • When making payments, users may need to provide extra authentication to approve the payments
  • The time period for automatic logoff due to inactivity will be shortened to 5 minutes

I am using eBanking Business – what changes will I experience?

  •  When making payments, users may need to provide extra authentication to approve the payments
  • The time period for automatic logoff due to inactivity will be shortened to 5 minutes

Will there be more changes in the future?

  •  We always strive to give our customers the best experience when using our digital channels, which means we continue to work on improving the experience when using our digital channels, while remaining complaint with the requirements from the PSD2 legislation