• The Payment Services Directive 2 (PSD2) regulates online payment services and providers in Europe. PSD2 has enabled ’Access to Accounts (XS2A)’ which allows controlled access to payment accounts. XS2A allows customers to use the services of third-party providers to access account information or initiate transactions on their behalf. PSD2 gives providers a regulated, open market to compete in, while providing customers more payment options and increased security.

  • The following list defines some of the goals of PSD2:

    • Defining third-party license typesTo facilitate XS2A Account Access, PSD2 defines two types of third-party providers (TPPs), as regulated by the local financial regulator:

    — Account Information Service Providers (AISPs): Service providers that aggregate and display the customer's online account information of one or more accounts held at one or more account servicing payment service providers (ASPSPs).

    — Payment Initiation Service Providers (PISPs): Service providers that initiate payment transactions on behalf of the customer.

    • Increasing customer security — PSD2 includes Strong Customer Authentication (SCA), which is an authentication process that validates the identity of the user of a payment service or a payment transaction.
    • Increasing communication security with TPPs — PSD2 requires TPPs to use electronic Identification, Authentication and trust Services (eIDAS) certificates for electronic signatures and electronic seals. Qualified Trust Service Providers (QTSPs) issue the eIDAS certificates, further ensuring security.
  • paysafecard enables Access to Account (XS2A) for TPPs through paysafecard’s REST stack. Through paysafecard's reliable and proven APIs, TPPs can access the same paysafecard systems that power all of paysafecard's consumer experiences.

    paysafecard provides interfaces and necessary documentation for TPPs that explain accessing a my paysafecard user’s account information, such as account balance and transaction history.

  • Are you an AISP looking to connect to paysafecard? Contact us to get access and start testing paysafecard’s implementation.

  • Modified Customer Interface (MCI) enables TPPs to access the designated payment accounts of PSUs for in scope banking entities under PSD2.

    TPP is able to retrieve all content of ASPSP’s web application when they login using customer credentials. This solution is based on existing web application design. The respective documentation can be found under the following link: