Tag Archives for " PSD2 "

Dutch data watchdog: PSD2 consent must be obtained ‘separately’

Third parties seeking access to payment account information held by banks must distinguish their requests to process customer data distinct from broader requests for acceptance of the terms and conditions of their payment services, the Dutch data protection authority has said.

Full article: Dutch data watchdog: PSD2 consent must be obtained ‘separately’

Why blockchain can solve the EU’s two-factor authentication dilemma

If you’ve become used to going contactless when out shopping, then you might receive a shock next year. New EU anti-fraud regulation comes into force in September 2019 and will require two-factor payment authentication for physical and online payments, potentially leading to abandoned shopping baskets.

Full article: Why blockchain can solve the EU’s two-factor authentication dilemma

EU regulation will drive U.S. banks to embrace FinTech or lose market share

Along with the EU’s General Data Protection Regulation (GDPR), which gave citizens the right to control the use of personally identifiable information, the Payment Services Directive 2 (PSD2) required the sharing of consumer banking data with third parties when authorized by the customer.

Read article: EU regulation will drive U.S. banks to embrace FinTech or lose market share | Computerworld

EDPB adopts letter regarding the PSD2 Directive

The European Data Protection Board (EDPB) adopted a letter on behalf of the EDPB Chair addressed to Sophie in’t Veld MEP regarding the revised Payments Services Directive (PSD2 Directive). In its reply to Sophie in’t Veld the EDPB sheds further light on ‘silent party data’ by Third Party Providers, the procedures with regard to giving and withdrawing consent, the Regulatory Technical Standards, the cooperation between banks and the European Commission, EDPS and WP29 and what remains to be done to close any remaining data protection gaps.

Source: Letter regarding the PSD2 Directive – European Data Protection Board

‘Legitimate interest’ may permit processing of ‘silent party data’ under PSD2

Businesses in the payment services market do not necessarily need the consent of ‘silent parties’ to process their personal data when providing payment initiation or account information services to their customers, the European Data Protection Board (EDPB) has said.

Source: ‘Legitimate interest’ may permit processing of ‘silent party data’ under PSD2

Overlap Between the GDPR and PSD2

The EU Payment Services Directive (PSD2), which took effect on January 13, 2018, puts an obligation on banks to give Third Party Providers (TPPs) access to a customer’s payment account data, provided the customer expressly consents to such disclosure. The new legislation is intended to improve competition and innovation in the EU market for payment services.

The General Data Protection Regulation (GDPR), which is due to take effect from May 25, 2018, enhances individuals’ rights when it comes to protecting their personal data. The interaction between PSD2, aimed at increasing the seamless sharing of data, and the GDPR, aimed at regulating such sharing, raises complicated compliance concerns.

Source: Overlap Between the GDPR and PSD2 | Inside Privacy

>