EBA issues further clarifications on PSD2

The European Banking Authority (EBA) has published further clarifications to its guidance on Application Programming Interfaces (APIs) under second Payment Services Directive (PSD2) legislation after a fifth set of issues had been raised by participants of its working group.

The latest clarifications, which are aimed at explaining the mechanisms of the rules, respond to issues raised on the measurement of response times of the dedicated interface, the machine-readability of the EBA register, reliance on eIDAS certificates and various issues related to the contingency measures, including the identification of third party providers through ‘guest books' and the fact that the data that can be accessed as well as documentation.

It comes after the EBA published an opinion on Strong Customer Authentication (SCA) in June, acknowledging that implementing the new standards might be difficult for some merchants, with many being at risk of missing the deadline.

Last week, the FCA confirmed it was planning to grant the payments and e-commerce industry 18 months of extra time to implement SCA.

In January 2019, the EBA established a working group on APIs under PSD2, consisting of 30 individuals representing account servicing payment service providers (ASPSPs), third party providers (TPPs), API initiatives and other market participants.

The aim of the group is to facilitate industry preparedness for the Regulatory Technical Standard (RTS) on SCA authentication and secure communication to support the development of high-performing and customer-focused APIs under PSD2.

The group was tasked with identifying issues and challenges that market participants face during the testing and use of API interfaces in the period leading up to the application date of the RTS on 14 September 2019.

The group was also asked to propose solutions on how the identified issues could be addressed, which the EBA and national authorities would then consider when providing clarifications in response to the issues raised.

Last week, the FCA confirmed it was planning to grant the payments and e-commerce industry 18 months of extra time to implement SCA.

In January 2019, the EBA established a working group on APIs under PSD2, consisting of 30 individuals representing account servicing payment service providers (ASPSPs), third party providers (TPPs), API initiatives and other market participants.

The aim of the group is to facilitate industry preparedness for the Regulatory Technical Standard (RTS) on SCA authentication and secure communication to support the development of high-performing and customer-focused APIs under PSD2.

The group was tasked with identifying issues and challenges that market participants face during the testing and use of API interfaces in the period leading up to the application date of the RTS on 14 September 2019.

The group was also asked to propose solutions on how the identified issues could be addressed, which the EBA and national authorities would then consider when providing clarifications in response to the issues raised.

Related Articles