2. Actors and definitions
PSD2 builds on the foundations laid down by the first directive to open the market for payments to new operators, and to realise the principle that is fundamental for real competition between operators: to establish ‘the same rules for the same services’ regardless of the nature of the subject - be it incumbent or newcomer - that offers them. In this way, PSD2 seeks to encourage the development of new forms of innovation and, therefore, competition, at the level of digital payments, with the prospect of offering more choices to end consumers.
Thanks to PSD2, users of an online payment account, for example, will have the opportunity to make payments or to obtain information on their account through the use of applications made by third-party providers (TPPs), who will have the right, based on proper consent from the user, to access the systems of banks (formally, account servicing payment service providers — ASPSPs) in ‘open’ mode. To allow this access in an open and secure way, the ASPSPs will also be required to implement the open technical interfaces necessary for dialogue with the TPPs and the management of the payment initiators (so-called payment initiation services) and account information aggregators (so-called account information services) carried out by users through these TPPs.: An open banking ecosystem to survive PSD2
This will subsequently make it possible to improve the customer experience by leveraging new services and new offers.
Following the actors expected and the related acronyms used in the document:
- PSU - Payment Services User
He is the subject using all the payment services defined and provided by the PSD2 ecosystem.
- PISP - Payment Initiation Service Provider
This entity provides the PSU with the service to set up payment transactions; the related services supplied can be identified as PIS (Payment Initiation Service).
- PIISP - Payment Instrument Issuing Service Provider (also known as CISP – Card Issuing Service
This entity provides information about the funds availability on PSD2 payment transactions based on the payment cards. The related services supplied can be identified as FCS (Confirmation on the Availability of Funds Service).
- AISP - Account Information Service Provider
This entity offers information services about the payment accounts. The related services can be identified as AIS (Account Information Service).
- ASPSP - Account Servicing Payment Service Provider
This is the entity where the payment accounts resides. It receives payment requests, receive payments, provides information on managed payment accounts.
- TPP - Third Party Provider
A general definition of the provided services inside the PSD2 on behalf of a PSU. A TPP may have one or more of the PISP, AISP, PIISP roles and it is able to communicate with the involved ASPSPs through the interfaces defined by the PSD2 Gateway.
In particular, the PSD2 governs other activities of PSPs in the European market of payment services by introducing three service models, under which new players can build the services they offer.
- ASPSP are obliged to receive and manage payment orders initiated by its customers through PISP that are qualified to operate in the European Union
- PISPs can offer to customers of the ASPSPs initialisation services for payment orders directed to all ASPSPs in which they have payment accounts
- PISPs are authorised exclusively to operate the new payment service and never to enter into possession of the funds of the debtor
- ASPSPs are obliged to provide payment account information upon request of their customers that are users of those AISPs authorised to work in the European Union
- AISPs can offer customers of ASPSPs information aggregation services on payment accounts that are held by the ASPSPs
- AISPs cannot use customer data or access the payment accounts for purposes other than those provided by the service authorised by the customer
PISP AND AISP OBLIGATIONS
- PISPs and AISPs must obtain authorisation to operate in relation to payment services with the Competent authority (in Italy, the Banca d'Italia), demonstrating that they meet the necessary requirements
- Both must have a professional liability insurance, or other similar guarantee fund, capable of covering liabilities which may incur in carrying out their activities. PISPs must also have a share capital of no less than € 50.000 (Art. 7)
- Both must be registered in the public register established by the Member State (presumably, therefore, the one held by Bankit)
- CISPs can make a request to the ASPSP of the user for the availability of funds before the execution of the card-based payment
- The request can take place only if the account of the debtor is accessible online and if he had previously issued the consent to the ASPSP – Account Servicing Payment Service Provider – and to the CISP
- The answer can only be positive or negative and the CISP will never be aware of the extract of the balance, or memorise the response or use it for any purpose other than the execution of the card-based payment transaction
The PSD2 is a potential forge for creating innovative transactional products and services that will be increasingly in line with the digitisation and evolution of customers. In this sense, the market evolution will be considerable, and to date not entirely conceivable, also thanks to the expansion of the Fintech scenario.