PSD2: Secure online payment in Masteritem
As of 1 January 2021, the new regulations for internet payments in electronic commerce, known as PSD2 (European Payment Services Directive), are already active and in Masteritem are fully integrated.
What is PSD2?
PSD2 is actually an update of PSD1 which came into force in 2007.
It was the first European regulation on means of payment. This update reinforces security in accessing the buyer's bank details.
PSD2 sets out several improvements to the security of digital payments. This regulation officially entered into force on 14 September 2019 and, since then, banking entities have been gradually adopting it.
On 1 January 2021, however, the official date has been designated, so that the new European payment regulations are implemented for all e-commerce, who want to offer the online payment modality to their customers.
Improvements in the security of PSD2
The new PSD2 is based on the principle of SCA or enhanced authentication. It consists of a set of measures to strengthen customer access to bank data.
According to this SCA, for user/customer authentication to be effective, at least two of the following three factors must be met when making the payment:
- Be it through something that only the customer can use, like a mobile phone or a smart card.
- It could be something that only the customer can know, like a PIN or a password.
- Whether it's through something that only the customer can possess, like a fingerprint, a voice recorder or your facial features.
Regulation of online payment PSD2 in Masteritem
Masteritem has already fully integrated the PSD2 online payment regulations. Based on it, the online purchase process of our products is as follows:
- During the payment process, you will need to fill in the credit card details, including card numbers, cardholder name, expiration date and CVV security code.
- When the payment request is processed, the bank will contact you by mobile phone, in accordance with the rules.
- Usually a code is sent that the user must accept and, after performing this action, the payment process ends.
What does my bank require to authorise payment under PSD2?
Each bank applies its own criteria when requesting the appropriate form of authentication for its customers.
The most widespread form is through a code that arrives by notification, through the entity's downloadable application (app).
But it's not the only method. There are also entities that maintain the sending of codes by SMS, to ensure that all customers have this information.
The user may also be asked for some action, so that he can confirm his authorship of the payment. For example, by entering a PIN or password, using your fingerprint, facial recognition or any other type of biometric identification, which will have been previously configured.
To find out what your bank requires in relation to online payment according to the PSD2 regulations, you can consult these links: