Payment Services Directive II


The Revised Payment Services Directive (PSD2) is a fundamental piece of payments-related legislation in Europe. In the UK, PSD2 is implemented through the Payment Service Regulations 2017 which comes into force from January 13, 2018. PSD2 is the product of a review of the original Payment Services Directive (PSD) and requires Payment Service Providers (PSPs) to make significant number of changes to existing operations.


The PSD was implemented in 2009 and aimed to create a single market for payments in the European Union, as well as provide a foundation for the Single Euro Payments Area (SEPA). Its main objective was to make cross-border payments as easy, inexpensive and secure as domestic payments.


However, as the digital economy developed, new services began to appear – services that lay outside of the scope of PSD. With the arrival of PSD2, these new services and their providers will be registered, licensed and regulated, increasing competition, providing more choices for customers, and encouraging lower prices for payments.

Introduction of Third Party Payment Providers (TPPs)

TPPs are PSPs who are authorised or registered with the FCA or another EEA regulator or otherwise permitted by law, who do not hold customer payment accounts. Under PSD2 there are two main types: Payment Initiation Service Providers (PISPs) and Account Information Service Providers (AISPs). PISPs will initiate a payment from a customer's bank account on their behalf, and AISPs will provide account aggregation services to customers. Under PSD2, banks are responsible for giving PISPs and AISPs access to a customer's account upon their consent.


Frequently Asked Questions (FAQs)

Q1. What are the main differences between PSD and PSD2?

PSD2 widens the scope of the PSD by covering new services and players as well as by extending the scope of existing services (payment instruments issued by payment service providers that do not manage the account of the payment service user), enabling their access to payment accounts.


PSD2 includes transactions with third countries when only one of the payment service providers is located within the EU ("one-leg transactions")

Q2. In case of unauthorised transactions, how is your liability changing under the PSD2?

Under the current regime payers’ liability for unauthorised transactions is currently capped at £50 in the UK - unless the payer has acted fraudulently or has, with intent or gross negligence, failed to comply with the conditions governing their use of a payment instrument or failed to notify the PSP without undue delay on becoming aware of its loss, theft, misappropriation or unauthorised use. Under PSD2, the liability cap is reduced to £35. Payers will only be liable in cases of user fraud, gross negligence or failing to notify their payment service provider without undue delay on becoming aware the loss. 

Q3. How are the complaints handling timings going to change?

We will give a full response to complaints that involve rights and obligations under PSD2 within 15 days. If there are exceptional circumstances, this is extended to a maximum of 35 days and we will send you a holding letter in the interim.

Q4. What does Strong customer authentication mean?

PSD2 requires Strong Customer Authentication (SCA), which is also known as two-factor authentication. Effective 2019, we will offer to use SCA whenever you access your payment accounts online, make an electronic payment or carry out any action through a remote channel which may carry a risk of fraud or abuse. SCA is made up of two or more elements, including knowledge (something you know, such as a password), possession (something you have, such as a card or mobile device) or 'inherence' (something you are, such as a fingerprint or voice recognition).

Q5. What caution should I exercise while using TPPs?

You can allow another third party service provider, with your clear and specific consent to make an online payment or access your account on your behalf. You are advised to exercise caution while giving your consent to a third party service provider and this should be done only with a registered or authorized service provider. Further, ICICI Bank UK Plc. recognised TPPs will be published on Bank’s website.

Q6. Can the Bank refuse a payment?

The Bank reserves the right to stop or block a payment instrument when we have reasonable grounds relating to security, suspect unauthorized or fraudulent use of payment instrument. However, before blocking or stopping a payment instrument we will contact you to inform you of our intention and reason for doing so.

Q7. How are transaction charges going to change?

Payments in currencies where the originator and beneficiary are in EEA countries the charges will be shared between the payer and payee.