Payment institutions like Unzer are to be granted access to bank data and bank accounts. The basic premise behind this decision is that the data and accounts are actually owned by the respective account holders and not by the banks. Express authorisation must then be granted by the respective account holders for payment institutions to retain access to the bank accounts.
Access to the bank accounts should allow a network of both new and existing solution providers to be established. The new solution providers will primarily be account information service providers (AISPs) and payment initiation service providers (PISPs).
The rules on payment fees are also being revised. Accordingly, companies such as organisers/promoters or airlines will no longer be allowed to charge extra credit card fees.
Customer protection is also being strengthened. The goal with Strong Customer Authentication (SCA) – also known as two-factor authentication – is to make misuse of data significantly more difficult.
In order to comply with the requirements of PSD2 when processing credit card payments, there is a new version of 3D Secure. This is for example known as "Verified by Visa" or "MasterCard Identity Check" in the card networks.
Unzer has integrated the future service in such a way that no difference from the current 3D Secure can be technically determined.