PSD2 is the acronym for the second ‘Payment Services Directive’, which took effect across the entire European Economic Area on the 13th January 2018.
There are two parts to PSD2. The part we are concerned with here at Credit Passport, is the part that is designed to give consumers more control of the data that their banks hold about them. The thinking behind it is that if you as a consumer of financial services make a request to your bank for the data they hold on you, they have to give it to you. This makes it easier to switch from one banking provider to another, and also to compare financial offers or to aggregate all of your banking relationships into one place.
The way it has been implemented across Europe is for the regulatory bodies, such as the Financial Conduct Authority (the FCA) in the UK to only allow trusted third parties to request this data on the behalf of individuals (or businesses). These regulated third parties are called Account Information Service Providers, or AISP’s for short.
We were one of the first 6 AISP’s in the UK. The company behind us is called CRIF Realtime Ltd. and you can see our authorisation here.
This means that when you ‘connect your bank accounts’ as part of the Credit Passport application process, we will transfer you to your banks website and you tell them (electronically) that you are happy for them to give us access to read your bank account transactions for a specific period of time. At no point in this process do we ever have direct access to your account or see your log in details. We also only have the ability to READ data, not to make payments or initiate transfers.
Every 90 days you will need to re-approve the connection request with your bank to keep your Credit Passport current.
The second part of PSD2 is to allow different regulated companies (Payment Service Providers, PSPs for short) to make direct payments from your bank account without a bank card in between. Only specific regulated companies can do this.